Ubuntu QA:
BlogBrainstormPackage status
Log in
Ubuntu QA
The Ubuntu community has contributed 15328 ideas, 75068 comments, 1387413 votes

Idea #8226: Unify all wallet manager (KDE, Gnome, Firefox, ...)



bug This idea is a duplicate of idea #937: Keyring should be a great password manager.
up
102
down
Written by elias1884 the 8 May 08 at 14:49. Category: Security.
Related to: Nothing/Others. Status: New
Description
Unify all Password Managers into one Daemonized Application!

We would have one wallet manager backend which is independent form the Desktop Environment and provide access to it through a generalized API. KDE and GNOME then would provide frontends using this API. Firefox, Thunderbird, Pidgin, Evolution all other GNOME and KDE apps would use the API to store and retrieve their passwords.

This could be equally popular like NetworkManager which also is based on this two layer frontend/backend model.

We should make this universal and secure enough to allow users to store their personal passwords like debit card pins as well. Providing that functionality however will be a frontend task.

Also SSH password based as well as key based authentication should be handled by this application.
Tags: (none)

Attachments
No attachments.


Duplicates


Comments
droetker wrote on the 9 May 08 at 12:53
like best everywhere it would be good to make a DE independant backend - and frontends fot qt,gtk,...

jelmer wrote on the 11 May 08 at 04:06
Perhaps a FreeDesktop standard for accessing stored credentials ?

Auzy wrote on the 11 May 08 at 05:58
I definately agree.. Certainly a great idea.

This will do for protected storage for what dbus did for sending messages between applications.

+1

HDave wrote on the 15 May 08 at 02:38
I think this is a great idea and could easily be provided by a moderately enhanced keyring (Seahorse). Keyring is already based on the GnuPG standard and is tied into many programs.

If you agree, vote yes on this idea:

http://brainstorm.ubuntu.com/idea/937/

tgape wrote on the 30 May 08 at 19:31
Politically difficult, but could have significant benefits.

I think an even better strategy would be to get a standard for keychain management, and then get applications which use or manage passwords to support the standard.

Going this route, one would not be dependent on a particular software product. Instead, if the keychain management software one was using went in a problematic direction, one could simply switch to another product. One could also do such a change if ones vendor was unresponsive to a particular security hole.


Post your comment