(In reply to Brian Smith (:briansmith), was <email address hidden> (:bsmith) from comment #94)
> 2) The patch contains a prompt that asks "Do you want to save master
> password to system password manager?" But, this seems like the wrong
> question. I think, instead, the "Change Password" dialog box should look
> something like this:
>
> (*) Protect my data with my system password (recommended)
> ( ) Use a master password:
> New Password: [ ]
> Confirm Password: [ ]
> ( ) Don't protect my data
>
> If we did it this way, then we wouldn't need that separate prompt.
Now, let me argue against myself.
Shouldn't the users that care about protecting their passwords be using full-disk encryption with a system password already? Why don't we just remove the master password mechanism on Linux completely, and rely on users' use of operating-system-level protection of their whole profile? That is, wouldn't the best UI be this?:
Mozilla recommends that you use a system password
and full-disk encryption to protect your data; if
you do that, then a master password is not very
helpful. We still support using a master password
for now, but we highly recommend against using
one, and we may remove this misfeature in a
future version.
[ ] Use a master password:
New Password: [ ]
Confirm Password: [ ]