Unfriendly message upon typing incorrect password (Policykit-GNOME/GDM/gnome-screensaver)

Bug #411559 reported by David Siegel
50
This bug affects 7 people
Affects Status Importance Assigned to Milestone
One Hundred Papercuts
Fix Released
Low
Robert Ancell
PolicyKit
Invalid
Undecided
Unassigned
PolicyKit GNOME
New
Wishlist
policykit-1-gnome (Ubuntu)
Fix Released
Low
Robert Ancell
policykit-gnome (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

When I type my password incorrectly at GDM, and also at PolicyKit dialogs, the response is a label displaying the words "Authentication Failure." This would likely give my grandmother a heart attack. Instead, we should project kindness and understanding so our user who is struggling to remember her password, or perhaps made a typo, does not feel that she has just "failed". I suggest: "Incorrect password. Please try again."

Revision history for this message
David Siegel (djsiegel-deactivatedaccount) wrote :

Robert, did I assign this correctly? Would you be responsible for this text in PolicyKit dialogs?

Changed in hundredpapercuts:
milestone: none → round-9
status: New → Confirmed
Changed in policykit:
assignee: nobody → Robert Ancell (robert-ancell)
Revision history for this message
Andrew (and471) wrote :

I recommend we create a hybrid of both strings ie. :

"Authentication Failed. Please check you entered the correct password"

The reason for this being that this message might come up when their is something wring with PolicyKit (ie. the authenetication didn't happen because something is broken). We don't want to tell users/developers/ (most importantly) bug trackers that the issue was the password and not policykit failing. That could lead to many a confused bug report.

However at the same time we also want to be user friendly which is why I feel the hybrid string is better

Revision history for this message
Robert Ancell (robert-ancell) wrote :

Changed package to policykit-gnome

Changed in policykit:
assignee: Robert Ancell (robert-ancell) → nobody
status: New → Invalid
Changed in policykit-gnome (Ubuntu):
status: New → Invalid
Changed in policykit-1-gnome (Ubuntu):
status: New → Triaged
importance: Undecided → Low
Revision history for this message
Danielle Foré (danrabbit) wrote :

I agree with rugby471 that we don't want to say it was the password when we don't know for sure that it was.

Andrew (and471)
summary: - When I type an incorrect password, show "Incorrect password. Please try
- again." instead of "Authentication Failure"
+ Policykit-GNOME : Unfriendly message upon authentication failure
Revision history for this message
Andrew (and471) wrote : Re: Policykit-GNOME : Unfriendly message upon authentication failure

filed upstream

Changed in policykit-gnome-1:
status: Unknown → New
Revision history for this message
David Siegel (djsiegel-deactivatedaccount) wrote : Re: Policykit-GNOME : Unfriendly message upon typing incorrect password

rugby471, I've slightly changed the bug title to better reflect the spirit of the issue I am reporting.

summary: - Policykit-GNOME : Unfriendly message upon authentication failure
+ Policykit-GNOME : Unfriendly message upon typing incorrect password
Revision history for this message
Andrew (and471) wrote :

cool, I saw your comment upstream as well, I see your point of view :-)

I just thought that it might be difficult to distinguish between a failed authentication and an incorrect password, however if they can do it, all the better :-)

Changed in policykit-1-gnome (Ubuntu):
assignee: nobody → Robert Ancell (robert-ancell)
Andrew (and471)
Changed in hundredpapercuts:
status: Confirmed → In Progress
Revision history for this message
Marcus Carlson (0-launchpad-mejlamej-nu) wrote :

I've been looking in to this and the problem isn't actually in policykit/-gnome but a pam one. Probably specific to each pam module as well. Changing the pam modules will change all password chats (login, ssh, etc).

Else we could hijack the pam error message and compare it to "Authentication Failure" (localization??) and provide our own...

Could to be hijacked is problably this in polkit-grant.c (line 334)
                id = "PAM_ERROR_MSG ";
                if (g_str_has_prefix (line, id)) {
                        id_len = strlen (id);
                        polkit_grant->func_error_message (polkit_grant,
                                                          line + id_len,
                                                          polkit_grant->user_data);
                        goto processed;
                }

or lower in grant-grant-helper-pam.c (line 217-229)
                case PAM_ERROR_MSG:
                        fprintf (stdout, "PAM_ERROR_MSG ");
                        goto conv2;

Both is super hackish so I'd suggest changing the pam modules.

Revision history for this message
Robert Ancell (robert-ancell) wrote :

Patch attached.

Note this will require a freeze request to be completed for Ubuntu 9.10:
https://wiki.ubuntu.com/FreezeExceptionProcess#UserInterfaceFreeze%20Exceptions

Revision history for this message
Marcus Carlson (0-launchpad-mejlamej-nu) wrote :

I guess I was wrong then, sorry about that. But I do wonder one thing - does this mean that the errors from each PAM module is NOT shown?

Revision history for this message
Robert Ancell (robert-ancell) wrote :

It appears the error and warning messages from the authentication are connected to this label but if authorization fails it is explicitly set to "Authentication Failure". I haven't tested to see if this message is overriding any PAM messages provided by the authenticator.

Revision history for this message
Matthew Paul Thomas (mpt) wrote :

I don't think this is worth a user interface freeze exception, really.

How does this work for an authentication method that does not use passwords, e.g. a fingerprint reader? It would be a bit silly to say that the login name or password was incorrect when no password was involved.

Revision history for this message
Mat Tomaszewski (mat.t.) wrote : Re: [Bug 411559] Re: Policykit-GNOME : Unfriendly message upon typing incorrect password

Matthew Paul Thomas wrote:
> I don't think this is worth a user interface freeze exception, really.
>

I disagree. The message gives a really intimidating experience as it
stands right now.

> How does this work for an authentication method that does not use
> passwords, e.g. a fingerprint reader? It would be a bit silly to say
> that the login name or password was incorrect when no password was
> involved.
>
>
There are surely numerous ways of saying this in a more "human" way,
without mentioning login name or password.

"Your login attempt was unsuccessful. Please try again" could be one of
them. Any other suggestions?

Cheers,

M.

Revision history for this message
Mat Tomaszewski (mat.t.) wrote :

Mat Tomaszewski wrote:
> Matthew Paul Thomas wrote:
>> I don't think this is worth a user interface freeze exception, really.
>>
>
> I disagree. The message gives a really intimidating experience as it
> stands right now.
>
>> How does this work for an authentication method that does not use
>> passwords, e.g. a fingerprint reader? It would be a bit silly to say
>> that the login name or password was incorrect when no password was
>> involved.
>>
>>
> There are surely numerous ways of saying this in a more "human" way,
> without mentioning login name or password.
>
> "Your login attempt was unsuccessful. Please try again" could be one
> of them. Any other suggestions?
>
> Cheers,
>
> M.
>
>
Sorry, should obviously be "Your authentication attempt was
unsuccessful. Please try again" :)

Revision history for this message
Matthew Paul Thomas (mpt) wrote : Re: Policykit-GNOME : Unfriendly message upon typing incorrect password

I've just discussed this with Mat, and realized I didn't explain properly why I think this should be left until after 9.10.

The User Interface Freeze exists mostly to give translators the time to translate Ubuntu. Currently the "Authentication Failure" string is indeed intimidating in English. We don't have a good idea how intimidating it is in Ubuntu's various translations; some languages may have it translated more pleasantly than others. (Unfortunately it seems that Launchpad is unable to show me how it has been translated so far.)

The crucial point is that gettext translations are keyed off the exact English text. So if we changed the English string now, all the translations of the string would be discarded, with barely any time to translate the new string. We would have made it less intimidating in English, but much more intimidating in every other language where it was already translated.

So, I agree this needs fixing, but as long as it isn't downright misleading, changing the string at this point I think would worsen it more for more people than the improvement for English readers.

Changed in hundredpapercuts:
milestone: round-9 → lucid-round-10
Vish (vish)
Changed in hundredpapercuts:
importance: Undecided → Low
summary: - Policykit-GNOME : Unfriendly message upon typing incorrect password
+ Unfriendly message upon typing incorrect password (Policykit-GNOME)
Revision history for this message
Milan Bouchet-Valat (nalimilan) wrote : Re: Unfriendly message upon typing incorrect password (Policykit-GNOME)

If we don't try to over-interpret the message from PAM by replacing "Authentication failed" with "Wrong password", then the real fix can and should go into PAM itself. i.e., all programs in the system should return the chosen string when authentication failed. As suggested above, "Your login attempt was unsuccessful. Please try again." is a nice first shot.

I don't really like the idea of hacking the string in PolicyKit/GDM/gnome-screensaver themselves: after playing with that, we end up with ugly things like [1] which need to be repeated in every program.

1: http://git.gnome.org/browse/gnome-control-center/tree/capplets/about-me/gnome-about-me-password.c#n531

summary: - Unfriendly message upon typing incorrect password (Policykit-GNOME)
+ Unfriendly message upon typing incorrect password (Policykit-
+ GNOME/GDM/gnome-screensaver)
Vish (vish)
Changed in hundredpapercuts:
milestone: lucid-round-10 → maverick-round-8-potpourri
Revision history for this message
Martin Pitt (pitti) wrote :

FWIW, I'm fine with this landing in Maverick, but I'd really like to see this land upstream. Permanent string diverges are a pain.

Revision history for this message
Milan Bouchet-Valat (nalimilan) wrote :

The question is: which upstream (or which package) should it go into? This message comes from PAM, which sets it according when an authentication module returns PAM_AUTH_ERR from pam_sm_authenticate(). In the case of a bad password, this is the pam_unix module. The problem is, this module can also fail because the account has expired, or other reasons like that. And the PAM API doesn't allow the module to pass more information.

So it seems that without changing the PAM API, which would create compatibility issues, we can't get the real reason of the auth failure. Changing the string to something like "Wrong password" would work for most cases, but would be highly misleading if the reason is different (e.g. disabled account, or if something is going wrong in the setup of PAM). In particular, for Ubuntu server, it would be silly.

Maybe (maybe...) it would be possible to get the message printed directly to the console by the module, and see whether it contains "password". This kind of ugly hack could go into PAM, or into GDM/PolicyKit/gnome-screensaver, but upstreams generally don't really like this kind of solution.

Changed in policykit-1-gnome:
importance: Unknown → Wishlist
Vish (vish)
Changed in hundredpapercuts:
milestone: maverick-round-8-potpourri → nt7-potpourri
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package policykit-1-gnome - 0.99-1ubuntu3

---------------
policykit-1-gnome (0.99-1ubuntu3) natty; urgency=low

  * debian/patches/06-authentication-failure-string.patch:
    - Improve error message displayed when authentication fails (LP: #411559)
 -- Robert Ancell <email address hidden> Thu, 23 Dec 2010 16:59:27 +1100

Changed in policykit-1-gnome (Ubuntu):
status: Triaged → Fix Released
Vish (vish)
Changed in hundredpapercuts:
assignee: nobody → Robert Ancell (robert-ancell)
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.