Removing greeter's username textfield

luisbraganca
  6 years ago
  2
  Under review

Mint's default greeter (Mint-X) asks for the username although it has the possibility to select the user by clicking on it.
-> https://www.dropbox.com/s/q1mwm4c2q0sveu3/1.png?dl=0

Usually, mint selects by default my personal account, which means I don't need to type my username on the username's textfield, so instead of the username's textfield, it's shown the password's password field* (with hidden characters just like a regular password field).
-> http://linuxmint.com/pictures/screenshots/petra/mdm.png (this image does not belong to me)

However, sometimes mint asks firstly for the username and then the password...
When this happens, I turn on my laptop and there's just one textfield (I presume it's the password's textfield since usually my username is already selected), I type my password and then, checking my laptop's screen, I notice my password is on the username's textfield (so it's visible).
This may be dangerous if I'm not alone.

- Since the username is selectable on mouse click, username's textfield is not needed
--> Removing the username textfield.

- Two different textfields on the same place is quite confusing and since we're talking about a password field, it's also dangerous.
--> Using the two textfields (username and password) at the same time and on different places.

*Passwordfield: Same as a textfield but the text inside is hidden (******)
Latest comments
onstrike 6 years ago

If you actually look at the screen you wouldn't have this problem.


Hammer459 6 years ago

First and foremost, the problem is not so much that the username field is there, it is that you don't look at the screen while typing :-)
The username and password entry has been standard in unix (and all its siblings) since 1969. The clicking on a name is relatively new and it in and of itself is a security issue. You now _know_ available user names and can possibly figure out passwords. If no users are "clickable" you have to know the username (not real name) of the user as well as the password.
And besides.... it is sooo much faster just typing my username[Enter]password[Enter] compared to {fibble with rodent}{click}{change to keyboard}password[Enter]
Demote!!!


luisbraganca 6 years ago

I agree with @ratisbona


ratisbona 6 years ago

This is very important, I was about to write a similar suggestion. The login screen is a severe security issue IMHO, for it's design is not good. Especialy in systems with only one user, the risk of typing in password instead of user name is very high. That's not a bug, remoulder, but a design issue.


remoulder 6 years ago

Please report this as a bug on the bug tracker https://bugs.launchpad.net/linuxmint, it is not an idea.