On Monday, May 06, 2013 19:11:19 Eike Hein wrote: > > How does KWallet encrypt if no password has been set? > > About as badly as one would expect. It does still generate a hash which > it uses for encryption. What kwalletd does is try whether it can open a > wallet with an empty password first (thus generating the same hash) and > ask for one to be entered if it can't. > > Obviously running with an empty password isn't really for the security- > minded, but the distributions in question feel like this is the better > default > for their user experience. At least the user can still set a password later.
This is also desired behaviour for Plasma Active, one reason being the UI being entirely unsuitable for a touch device. -- sebas http://www.kde.org | http://vizZzion.org | GPG Key ID: 9119 0EF9
