Closed Bug 325351 Opened 17 years ago Closed 5 years ago

Single-sign-on password management system

Categories

(Toolkit :: Password Manager, enhancement, P5)

Product:
Toolkit
Component:
Password Manager
Platform:
x86
Linux
Type:
enhancement

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: tmpfreire, Unassigned)

Details

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; rv:1.8) Gecko/20060109 Firefox/1.5
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.8) Gecko/20060109 Firefox/1.5

Right now the existing password management is specific for the mozilla platform. Kde has is Wallet, Opera has its own password management, and many other projects reinvent the wheel looking at their own belly-buttons. It is a waste of resources ((wo)man-hours of coding), and an additional harassment of the users, because the different systems are incompatible. In other words, the contents do not propagate from one system to the other one. Thus, if I set my bugzilla password on Firefox, Konqueror does not know anything about it. Some people won't bother that much, because they use only one browser. KDE has its KWallet system, which is a step in the right direction. looks like it will finally become really a 'single sign on' system on KDE 4 (right now it asks for a password just after logon, so the user has to input a password twice). I think that with enough goodwill a STANDARD system for an encrypted password wallet can be designed, implemented and adopted by the interested parties, like:
KDE
GNOME
Mozilla
Opera (competition is good, and cooperation where it matters is even better)
etc.
I think that it would be better if Mozilla.org is not 'The Manager' of the project. I think Freedesktop.org is the shrine of current 'Open Source Desktop Environment Standards', and as such should coordinate the effort, and Mozilla.org and the others would work with it to design a system useable by all.

Reproducible: Always

Steps to Reproduce:
1. Set up password for some site with password management enabled
2. open any other browser
3. no password there

Actual Results:  
Each browser has its own password management system

Expected Results:  
When i set up a password for some place, it should be stored in a browser-agnostic way

I have filed a bug on freedesktop.org on this subject some time ago.
https://bugs.freedesktop.org/show_bug.cgi?id=4513
In case Liberty is chosen, it's bug 164582 ...
Status: UNCONFIRMED → NEW
Component: Password Manager → OS Integration
Ever confirmed: true
Summary: Mozilla.org should cooperate with the community to create a single-sign-on password management system → Single-sign-on password management system
QA Contact: password.manager → os.integration
Voted for this one. I'm not into the code of Firefox, nor KWallet, but wouldn't it be possible to implement this as an optional security device (Preferences - Advanced - Encryption - Secutity Devices) in the manner of FIPS which is already there? (Same goes for Liberty)

Perhaps as an Extension or PlugIn or even a platform specific "mod" that could come with Linux distros?

Other idea, perhaps solvable as a FF extension:
This wouldn't even have to be a full replacement, but just look, if "KWallet" is there and ask it for the Master password, enter it automatically and finished :-) This way, if you'd turn off kwalletmanager or switch to gnome or use your profile under Windows,... - FF would still work as usual, you just had to type in your MP again.
Not a shell integration bug. I suspect this is a Firefox -> General bug but moving to untriaged in the hope that it gets triaged to the correct component
Component: Shell Integration → Untriaged
Component: Untriaged → Password Manager
Product: Firefox → Toolkit
Third-party password managers basically provide this. I don't think it's useful to keep this open as a Firefox bug at this time.
Status: NEW → RESOLVED
Closed: 5 years ago
Priority: -- → P5
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.