Comment 15 for bug 359997

PhysicsDan (beakdan) wrote :

It sounds like many people are making the same mistake I did: they read the dialog, and believe that they are being ASKED for a passphrase that will be used to encrypt their home folder. In fact, that password has ALREADY BEEN MADE, and this is merely giving you the opportunity to VIEW that password so that you can record it for safekeeping.

There are two factors that contribute to this impression:

1) The dialog opens with "To encrypt your home directory or "Private" folder" - the use of the word "to" at the beginning of the sentence implies future tense, i.e., the user believes that this is an action which is ABOUT to occur, not one that has occurred already.

2) In the dialog, reference is made to "your user password", but after clicking the button, the screen reads "Passphrase:", which further implies that the user is ENTERING a passphrase that will be used for encryption.

Yes, the dialog box does say "Enter your user password at the "Passphrase" prompt.", but as a rule, people speed-read dialog boxes, and so the overall impression can easily be the one many users have expressed here.

I know that I believed I was being asked for a passphrase, which I picked out, dutifully wrote down and then entered. I was shocked that I was only asked for it once; normally you're required to enter a new password twice to eliminate spelling errors. I received an error message, but I thought that there was an error with the program, and that I'd need to track the bug down later, but I didn't need to rush. After all, since my files hadn't been encrypted yet, I could take care of this at my leisure.

SUGGESTED FIX:

I'd suggest something that puts people in the right frame of mind from the outset, a la:

********************************************
Congratulations! Your home directory has been encrypted, and your personal data is secure in the event of theft or loss. Usually your directory is unlocked with your user password, but if you ever need to manually recover this directory, you will need this passphrase. Please print or write it down and store it in a safe location.

To see your passphrase now, click the button below. You will be required to enter your login password. If you need to record your passphrase in the future, just run the "ecryptfs-unwrap-passphrase" command in a terminal.
=======================
See my passphrase now | Close without viewing passphrase |
=======================
*******************************************

I suggest that a change should be made to the "ecryptfs-unwrap-passphrase" command so that it requests "Password for $USER". If an incorrect password is given, it should say "Sorry, try again". This is the expected behavior based on invoking sudo, and it's going to confuse the user to switch behavior on them.