Comment 20 for bug 615239

Phill (phill.l) wrote :

There is a potential security issue here.

Whenever a legitimate program is seen asking for a password as the result of an automatic operation, people come to think of it as normal. This undermines the suspicion that we would otherwise encourage in people to help them avoid scams and malicious software.

A more serious security issue arises if you are using a normal user account and the connection in question is shared. In this case you get a second dialogue box asking for an administrator password for privilege escalation. In this case we have users socially engineered to provide privilege escalation to any user-space program that impersonates this bug.

I think it would be preferable that it didn't ask for a password (even if we know that's what's wrong) and just retried from time to time. If the user wants to remedy the situation they can just go through what they did the first time they connected; at least then they expect to be asked for a password, so no harm is done.

Observations based on 16.04.