Reply to topic

Kwallet (KDE Wallet Manager) questions [SOLVED]

User avatar undoIT
Registered Member
Posts
63
Karma
1
OS
I have some questions about Kwallet.

1. If I turn off Kwallet and save my password either for a WPA wifi connection or for a website I logged into with chromium (chromium request access to Kwallet), are those passwords stored unencrypted?

2. If I do use Kwallet but leave the password blank so I don't have to enter a password to access the wallet everytime my wifi connects to an encrypted network, are the passwords still stored encrypted?

3. I use full-disk encryption and user account login, both with strong passwords. Considering that, is there any reason to run Kwallet, or would I be better of uninstalling it and freeing up system resources?

Last edited by undoIT on Fri Mar 02, 2012 6:50 pm, edited 1 time in total.


lamarque
Registered Member
Posts
151
Karma
2
OS
undoIT wrote:I have some questions about Kwallet.

1. If I turn off Kwallet and save my password either for a WPA wifi connection or for a website I logged into with chromium (chromium request access to Kwallet), are those passwords stored unencrypted?


for KDE programs they are stored unencrypted. That is also true if you set your wifi connection as system connection (regardless if kwallet is running or not). Chromium stores encrypted passwords in kwallet, which is redundant. I guess Google do not want to share the passwords with kwallet, just use it as storage.

undoIT wrote:2. If I do use Kwallet but leave the password blank so I don't have to enter a password to access the wallet everytime my wifi connects to an encrypted network, are the passwords still stored encrypted?


I am not sure about that.

undoIT wrote:3. I use full-disk encryption and user account login, both with strong passwords. Considering that, is there any reason to run Kwallet, or would I be better of uninstalling it and freeing up system resources?


For convinience, kwallet is not only used to encrypt data, it's also used to allow other programs to access it without asking for password everytime. You type the password once, or in your case with black password you do not type anything at all, and all programs can read that data from kwallet without asking for a password.

If you uninstall password, Plasma NM (the networkmanagement plasmoid) will ask for the wifi key of your connection everytime NetworkManager is restarted (NM caches the keys in RAM). If kwallet is enabled, you can restart NetworkManager and it will retrieve the wifi key from kwallet automatically as long as the wallet is still opened.

I do not know if chromium works without a backend storage (kwallet or keyring). If you use programs like kmail, kopete, telepathy-kde, konversation, etc, all them will ask for the passwords or store them unencrypted (or with very weak encryption) if kwallet is disabled. Also, it is easier to search for a password you do not remember in kwallet than in other programs. Well, for the paranoic people that is a weakness, for me it's a convinience :-D


Software engineer at Petrobrás http://www.petrobras.com.br/en/about-us/
KDE's Network Management maintainer
User avatar undoIT
Registered Member
Posts
63
Karma
1
OS
Okay, thanks for the response. I guess it makes the most sense to keep doing things the way I have been doing them, use Kwallet with blank password for convenience and encrypt hard drive.
vojta
Registered Member
Posts
1
Karma
0
OS
I have written this simple patch. It allows you to browse passwords saved in KWallet by Chromium using KWallet Manager. However, it is really simple and it does not do any error checking etc. And it may not work with passwords saved by older versions of 32-bit Chromium. I will improve it and maybe send to KWallet devs sometime in the future.
User avatar bcooksley
Administrator
Posts
18669
Karma
83
OS
If you do wish to submit it, this can be done through KDE Reviewboard (https://git.reviewboard.kde.org/)


System Settings and Device Actions KCM maintainer
Image

 
Reply to topic

Bookmarks



Who is online

Registered users: AElfwine, alake, anditosan, Artmessiah, Baidu [Spider], Bing [Bot], edmael, Exabot [Bot], garthecho, geaplanet, Google [Bot], google01103, Horus, inksi, Joif, ken300, La Ninje, lazyit, pedrorodriguez, pvonz, thalesgava, tienhung, VP1986, Yahoo [Bot]