User can get locked out of phone by disabling keyboard layout used to set password
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical System Image |
Confirmed
|
High
|
Bill Filler | ||
ubuntu-keyboard |
New
|
High
|
Michael Sheldon | ||
ubuntu-keyboard (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Steps to reproduce (WARNING: THIS WILL LOCK YOU OUT OF YOUR PHONE)
1) Enable the Arabic keyboard from System Settings -> Language & Text -> Keyboard Layouts
2) Set a password using Arabic characters
3) Disable the Arabic keyboard
4) Lock your phone
Expected result
User should be able to re-enable the Arabic keyboard so they can log in
Actual result
Impossible to login as access to system settings is disabled on the greeter for security
I'm not sure what the best solution is here, some possible options:
1) Try to create a secure way to allow the user to access only the keyboard layout part of system settings;
2) Show all available layouts in the language switcher when on the greeter screen
3) Record which layout(s) were used when creating the password and ensure they're always provided in the launcher (this might also be helpful when we start allowing custom layouts to be installed from the store, as we'd then have a mechanism by which we could warn the user if they were uninstalling a layout they'd used to set their password)
My vote:
4) Record which layout(s) were used when creating the password and do not allow the user to disable them without setting a new password.
Changed in ubuntu-keyboard: | |
importance: | Undecided → High |
Changed in canonical-devices-system-image: | |
milestone: | none → backlog |
assignee: | nobody → Bill Filler (bfiller) |
importance: | Undecided → High |
Changed in ubuntu-keyboard: | |
assignee: | nobody → Michael Sheldon (michael-sheldon) |
description: | updated |
Changed in canonical-devices-system-image: | |
status: | New → Confirmed |