Only grab keyboard when line edits have focus in pinentry (qt)

Andre Heinecke aheinecke at intevation.de
Wed Jun 29 15:04:13 CEST 2016


Hi,

On Wednesday 29 June 2016 10:22:22 Bernhard Reiter wrote:
> On Tuesday, 28 June 2016 17:08:22 Daniel Kahn Gillmor wrote:
> >  b) user confusion about window focus (e.g. typing your password into
> >     your chat client by accident when you think you're typing in your
> >     pinentry)
> 
> How does that happen in detail?
> Are you referring to the following case:
> You start typing in the pinentry and after the third key you have pressed,
> a new, different window pops up and the fourth key goes to that window?

Imo this would be an aggressive (like pinentry) other window that also tries to 
"steal" the focus which is generally a bad usability choice and you don't see 
something like that often.
But yes this could happen when previously it required that pinentry was 
minimized.

> Or is it:
> You see the pinentry, but your keyboard focus is elsewhere, so you start
> typing, but the first key goes to the other window (which still had the
> focus).

I think that case is covered because pinentry still pops up in the foreground 
and sets the focus to the line edit (which then also grabs the keyboard).

> >  i think it might lose something for use case (b).
> >  Maybe other people don't care

As case b) is more of a usability problem and not a technical vulnerability my 
personal weighing would be that the global grab is the bigger usability 
problem than the chance that you accidentally input secrets into the wrong 
window.

I've also seen no other password entry, yet, that globally grabs the keyboard 
and so I think that users may find this unexpected with pinentry.

> > about use case (b); if so, that's fine.  For myself, i often have enough
> > things running concurrently (and can become sufficiently distracted)
> > that global kbd grab probably saves me from making that particular
> > mistake about once or twice a month.

Ok, your experience there differs from mine. I have never felt that the global 
grab saved me from anything but often felt "aaah damn, forgot to decrypt the 
passphrase before signing this file". Because I regularly have to look up the 
passphrase for other keys in encrypted files so for me having multiple 
pinentries active / decrypting a file containing a passphrase while pinentry 
is open is a regular use case for me and for that the "less aggressive" 
grabbing is an advantage.

The global grab is actually a reason why I like to use a smartcard reader with 
a pinpad.

Imo as pinentry is already very diverse we could just keep the global grab in 
GTK and do the focused Grab in Qt and thus offer a good solution for both 
cases. Hurray for diversity. :-)

Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner