URL: <https://savannah.gnu.org/bugs/?60088>
Summary: Disk decryption screen has some UX problems Project: GNU GRUB Submitted by: waterpaper Submitted on: Dom 21 Fev 2021 16:52:05 UTC Category: Security Severity: Major Priority: 5 - Normal Item Group: None Status: None Privacy: Public Assigned to: None Originator Name: Originator Email: Open/Closed: Open Release: Release: other Discussion Lock: Any Reproducibility: Every Time Planned Release: None _______________________________________________________ Details: If you encrypt the entire system, you'll get a text-based, however, it has some UX problems: 1. If you press enter (accidentally or not) while typing the password and start typing again, GRUB will "leak" your password in the screen while entering GRUB rescue. While decryption is in progress, keyboard should not register anything aside from keyboard shortcuts. 2. Why just one incorrect attempt makes the GRUB enter in rescue mode? Three attempts is a standard and it's better. Also, GRUB could show a keyboard shortcut like "press R to enter rescue mode". 3. There is no message indicating that decrypting is in progress. You if don't press enter correctly, you won't know if the decryption started or not. 4. Password characters doesn't appear in the screen as asterisks while you typing. This is very useful to check if the system registered two characters instead of one. 5. Backspace doesn't work. These issues happens in GRUB 2.04. _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?60088> _______________________________________________ Mensagem enviada pelo Savannah https://savannah.gnu.org/