passphrase entry screen needs work

Bug #151264 reported by Ian Jackson on 2007-10-10
2
Affects Status Importance Assigned to Milestone
partman-crypto (Ubuntu)
Medium
Unassigned

Bug Description

I'm doing a test install of gutsy 20071009.1 i386 d-i. I selected use whole disk with LVM and encryption. I think the passphrase entry screen needs improvements.

Most users are not very good at choosing good passwords. So the system should offer, by default, to generate one.

Most important passwords that most users will be familiar with will have some kind of reset or recovery mechanism. This is not the case here. This fact, and the consequences of passphrase loss, are not spelled out clearly enough. The user should be advised to write the passphrase down on paper and keep it in a safe place separate from the laptop.

As of Ubuntu 7.10, the consequences of passphrase loss are clearly spelled out, but the installer does not yet offer to generate a password.

Colin Watson (cjwatson) wrote :

I agree with you that partman-crypto should offer to generate a passphrase, but I have not attempted to do that so close to release.

I've made the suggested wording change:

partman-crypto (21ubuntu3) gutsy; urgency=low

  * Disable partition erasing by default, as it's very slow and only of
    moderate value (LP: #151244).
  * Warn that the passphrase cannot be recovered if lost (helps with LP
    #151264).

 -- Colin Watson <email address hidden> Fri, 12 Oct 2007 14:51:34 +0100

... adding the following text:

 There is no way to recover this passphrase if you lose it. To avoid
 losing data, you should normally write down the passphrase and keep it
 in a safe place separate from this computer.

Changed in partman-crypto:
importance: Undecided → Medium
status: New → Triaged

Colin Watson writes ("[Bug 151264] Re: passphrase entry screen needs work"):
> I agree with you that partman-crypto should offer to generate a
> passphrase, but I have not attempted to do that so close to release.

Quite so.

> There is no way to recover this passphrase if you lose it. To avoid
> losing data, you should normally write down the passphrase and keep it
> in a safe place separate from this computer.

That's excellent.

Ian.

Colin Watson (cjwatson) on 2007-12-21
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers