Saner defaults for KWallet

Congrats to everyone on the Plasma 6 release! Went pretty smoothly for me and I’m very grateful to everyone. One of the few bugs I am experiencing is this one related to KWallet, which brought it back into my consciousness for the first time in a long while and got me thinking back to my experience setting it up.

Can I politely suggest four things be made default about KWallet, if they are not already? :slight_smile:

  1. “Prompt when an application accesses a wallet” is enabled. Though programs with access to the wallet still have access to the entire wallet, at least the user can choose whether to approve it or not. The “Allow Once” vs “Allow Always” options are particularly nice and user-friendly. I think non-technical users are unlikely to delve into the settings and enable this themselves so it should be on by default.

  2. The initial wallet created when Plasma starts for the first time is always set up with the user’s password as its password and to open automatically at login. This avoids a common first teething issue for new Plasma users – that connecting to WiFi always requires a password.

  3. The popup to set up KWallet should appear when KDE is first launched, not when something tries to use KWallet for the first time. This way it can be explained in advance what KWallet is, the defaults can be presented, and the user can agree to set it up, so that when an app tries to gain access the user knows what is happening. Otherwise the first time a dialog pops up saying that some program, possibly with an unintelligible name like kded6, wants to access your wallet and you should set it up now, it sets off alarm bells and the user rushes to Google.

Perhaps these are default these days, if so, sorry. They weren’t when I last setup Plasma a year ago.

  1. Related to the above – add some sort of optional accompanying message to the dialog from whatever is requesting access to the wallet? So that e.g. kded6 can say that it’s for e.g. storing a new WiFi password? Because kded6 could be asking for a huge number of reasons, and it’s scary when you don’t recognise the thing making the request.

I know there are things that could be improved with regards to KWallet’s security. But for the simple case of most users of storing e.g. WiFi passwords in an encrypted rather than plain-text fashion, it seems like a perfectly adequate solution. The above changes would make it a bit more user-friendly though and lead to fewer people turning it off or being confused by its function.