Feature changed by: Per Jessen (pjessen) Feature #312871, revision 3 Title: Auto-lock with password when screen saver kicks in. openSUSE 12.1: Unconfirmed Priority Requester: Important Requested by: Per Jessen (pjessen) Partner organization: openSUSE.org Description: * Enable automatic screen-lock with password required. E.g. after 5mins and 10seconds respectively. * add a default "lock" button to the GUI taskbar Business case (Partner benefit): openSUSE.org: To increase security. We have many and varied security- related features and policies. Requiring a password when the screen auto-locks is just common sense. An easily accessible lock button makes it more likely that a user will use it when he leaves his desk. These both ought to be the default setup. Discussion: #1: David Hodgson (jetojedno) (2011-10-09 21:27:57) Just to be clear, the proposal is just for a default on install? Or is the proposal that somewhere within the system, the screensaver with auto-lock can be made mandatory? + #3: Per Jessen (pjessen) (2011-10-10 09:47:44) (reply to #1) + For starters, a change of default is sufficient, but clearly it would + be better to also be able deny the user the possibility to change it. + That seems to be a little more intrusive than a simple change of + default though. #2: David Hodgson (jetojedno) (2011-10-09 21:30:15) I would add a variant: that the screensaver (with auto-lock) is invoked on bootup auto-login, so someone starting the computer needs to put in the password, but that all the usual start-up stuff can happen in the background while doing that. -- openSUSE Feature: https://features.opensuse.org/312871

Feature changed by: Per Jessen (pjessen) Feature #312871, revision 5 Title: Auto-lock with password when screen saver kicks in. openSUSE 12.1: Unconfirmed Priority Requester: Important Requested by: Per Jessen (pjessen) Partner organization: openSUSE.org Description: * Enable automatic screen-lock with password required. E.g. after 5mins and 10seconds respectively. * add a default "lock" button to the GUI taskbar Business case (Partner benefit): openSUSE.org: To increase security. We have many and varied security- related features and policies. Requiring a password when the screen auto-locks is just common sense. An easily accessible lock button makes it more likely that a user will use it when he leaves his desk. These both ought to be the default setup. Discussion: #1: David Hodgson (jetojedno) (2011-10-09 21:27:57) Just to be clear, the proposal is just for a default on install? Or is the proposal that somewhere within the system, the screensaver with auto-lock can be made mandatory? #3: Per Jessen (pjessen) (2011-10-10 09:47:44) (reply to #1) For starters, a change of default is sufficient, but clearly it would be better to also be able deny the user the possibility to change it. That seems to be a little more intrusive than a simple change of default though. #4: Tim Edwards (tk83) (2011-10-10 11:37:12) (reply to #3) No it wouldn't be better to deny the user the possibility of changing it. Many people have their computers in environments (eg. their home) where they don't need to lock the screen, either because they live alone or they trust the people they live with not to stuff around with their computer without permission. Having it as a default is not a bad idea, as long as it's configurable (and it is already in KDE so making it non-configurable would require breaking a KDE feature - a big no-no). + #5: Per Jessen (pjessen) (2011-10-11 09:39:41) (reply to #4) + A security feature that can be switched off by the user is really not + much of a feature, unfortunately. Requiring a password by default is a + step in the right direction, but I don't want my users to be able to + disable that. I think it would be absolutely fine to deny the user the + ability to change this setting, but obviously anyone with root/admin + access should be able to do so. + This way we cater to your home user as well as to my office users. #2: David Hodgson (jetojedno) (2011-10-09 21:30:15) I would add a variant: that the screensaver (with auto-lock) is invoked on bootup auto-login, so someone starting the computer needs to put in the password, but that all the usual start-up stuff can happen in the background while doing that. -- openSUSE Feature: https://features.opensuse.org/312871

Feature changed by: Marcus Meissner (msmeissn) Feature #312871, revision 7 Title: Auto-lock with password when screen saver kicks in. openSUSE 12.1: Unconfirmed Priority Requester: Important Requested by: Per Jessen (pjessen) Partner organization: openSUSE.org Description: * Enable automatic screen-lock with password required. E.g. after 5mins and 10seconds respectively. * add a default "lock" button to the GUI taskbar Business case (Partner benefit): openSUSE.org: To increase security. We have many and varied security- related features and policies. Requiring a password when the screen auto-locks is just common sense. An easily accessible lock button makes it more likely that a user will use it when he leaves his desk. These both ought to be the default setup. Discussion: #1: David Hodgson (jetojedno) (2011-10-09 21:27:57) Just to be clear, the proposal is just for a default on install? Or is the proposal that somewhere within the system, the screensaver with auto-lock can be made mandatory? #3: Per Jessen (pjessen) (2011-10-10 09:47:44) (reply to #1) For starters, a change of default is sufficient, but clearly it would be better to also be able deny the user the possibility to change it. That seems to be a little more intrusive than a simple change of default though. #4: Tim Edwards (tk83) (2011-10-10 11:37:12) (reply to #3) No it wouldn't be better to deny the user the possibility of changing it. Many people have their computers in environments (eg. their home) where they don't need to lock the screen, either because they live alone or they trust the people they live with not to stuff around with their computer without permission. Having it as a default is not a bad idea, as long as it's configurable (and it is already in KDE so making it non-configurable would require breaking a KDE feature - a big no-no). #5: Per Jessen (pjessen) (2011-10-11 09:39:41) (reply to #4) A security feature that can be switched off by the user is really not much of a feature, unfortunately. Requiring a password by default is a step in the right direction, but I don't want my users to be able to disable that. I think it would be absolutely fine to deny the user the ability to change this setting, but obviously anyone with root/admin access should be able to do so. This way we cater to your home user as well as to my office users. #2: David Hodgson (jetojedno) (2011-10-09 21:30:15) I would add a variant: that the screensaver (with auto-lock) is invoked on bootup auto-login, so someone starting the computer needs to put in the password, but that all the usual start-up stuff can happen in the background while doing that. #6: Alun Peck (ajpeck) (2011-10-17 07:26:25) What about this idea for dealing with the home and office situation. On install, at the point where security details are requested, to ask the installer where the computer is in an office or home environment. Depending on the choice, the suitable default configuration can be installed. Of course a typical home user would also know the root password, thus can change between the two configuration profiles at will and tweak them as needed. This way you can satisfy both the office environment and the private home user. + #7: Marcus Meissner (msmeissn) (2011-10-25 07:03:13) + quite late for 12.1. -- openSUSE Feature: https://features.opensuse.org/312871

Feature changed by: Karl Cheng (qantas94heavy) Feature #312871, revision 10 - Title: Auto-lock with password when screen saver kicks in. + Title: Auto-lock with password after certain time by default - openSUSE 12.1: Unconfirmed + openSUSE Distribution: Done Priority - Requester: Important + Requester: Desirable Requested by: Per Jessen (pjessen) Partner organization: openSUSE.org Description: * Enable automatic screen-lock with password required. E.g. after 5mins and 10seconds respectively. * add a default "lock" button to the GUI taskbar Business case (Partner benefit): openSUSE.org: To increase security. We have many and varied security- related features and policies. Requiring a password when the screen auto-locks is just common sense. An easily accessible lock button makes it more likely that a user will use it when he leaves his desk. These both ought to be the default setup. Discussion: #1: David Hodgson (jetojedno) (2011-10-09 21:27:57) Just to be clear, the proposal is just for a default on install? Or is the proposal that somewhere within the system, the screensaver with auto-lock can be made mandatory? #3: Per Jessen (pjessen) (2011-10-10 09:47:44) (reply to #1) For starters, a change of default is sufficient, but clearly it would be better to also be able deny the user the possibility to change it. That seems to be a little more intrusive than a simple change of default though. #4: Tim Edwards (tk83) (2011-10-10 11:37:12) (reply to #3) No it wouldn't be better to deny the user the possibility of changing it. Many people have their computers in environments (eg. their home) where they don't need to lock the screen, either because they live alone or they trust the people they live with not to stuff around with their computer without permission. Having it as a default is not a bad idea, as long as it's configurable (and it is already in KDE so making it non-configurable would require breaking a KDE feature - a big no-no). #5: Per Jessen (pjessen) (2011-10-11 09:39:41) (reply to #4) A security feature that can be switched off by the user is really not much of a feature, unfortunately. Requiring a password by default is a step in the right direction, but I don't want my users to be able to disable that. I think it would be absolutely fine to deny the user the ability to change this setting, but obviously anyone with root/admin access should be able to do so. This way we cater to your home user as well as to my office users. #2: David Hodgson (jetojedno) (2011-10-09 21:30:15) I would add a variant: that the screensaver (with auto-lock) is invoked on bootup auto-login, so someone starting the computer needs to put in the password, but that all the usual start-up stuff can happen in the background while doing that. #6: Alun Peck (ajpeck) (2011-10-17 07:26:25) What about this idea for dealing with the home and office situation. On install, at the point where security details are requested, to ask the installer where the computer is in an office or home environment. Depending on the choice, the suitable default configuration can be installed. Of course a typical home user would also know the root password, thus can change between the two configuration profiles at will and tweak them as needed. This way you can satisfy both the office environment and the private home user. #8: Kim Leyendecker (openlhag) (2011-10-25 16:21:52) (reply to #6) @Alun +1 #7: Marcus Meissner (msmeissn) (2011-10-25 07:03:13) quite late for 12.1. -- openSUSE Feature: https://features.opensuse.org/312871