https://bugs.kde.org/show_bug.cgi?id=445841

--- Comment #1 from Ivan Čukić <ivan.cu...@kde.org> ---
It could be done for some backends, but not all support password changing. For
example, cryfs doesn't seem to support it.

What is important to note is that changing the password (in general) doesn't
re-encrypt the data, so if an attacker has your old encfs/cryfs/... config file
and the old password, it is likely that they would be able to access newly
encrypted data as well. (I didn't test this with the Vault-supported encryption
schemes, but this is often the case.)

If Vaults get this feature, it will need a wall-of-text explaining what
changing the password does not defend against.

For the time being (and as a better practice in general), the thing to do is to
create a new vault, move the data, and delete the old vault.

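The point made in the comment above, as an added example that is not part of the original bug report and not code from Plasma Vault, encfs or cryfs: it assumes a generic design in which the config file holds a master key wrapped under a password-derived key. All function names are hypothetical, the sample values are constructed, and the HMAC-based stream cipher is a standard-library stand-in for a real cipher.

```python
import hashlib, hmac, os

def _stream_xor(key, nonce, data):
    # Toy stream cipher (HMAC-SHA256 in counter mode); stand-in for a real cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def _kek(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def wrap_config(password, master_key):
    # The "config file": the master key wrapped under a password-derived key.
    salt, nonce = os.urandom(16), os.urandom(16)
    kek = _kek(password, salt)
    wrapped = _stream_xor(kek, nonce, master_key)
    tag = hmac.new(kek, wrapped, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "wrapped": wrapped, "tag": tag}

def unwrap_config(password, cfg):
    kek = _kek(password, cfg["salt"])
    expected = hmac.new(kek, cfg["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, cfg["tag"]):
        raise ValueError("wrong password")
    return _stream_xor(kek, cfg["nonce"], cfg["wrapped"])

def change_password(old, new, cfg):
    # Only the wrapping is redone; the master key and the file data are untouched.
    return wrap_config(new, unwrap_config(old, cfg))

def encrypt_file(master_key, plaintext):
    nonce = os.urandom(16)
    return nonce + _stream_xor(master_key, nonce, plaintext)

def decrypt_file(master_key, blob):
    return _stream_xor(master_key, blob[:16], blob[16:])

def demo():
    msg = b"written after the password change"  # constructed sample data
    old_cfg = wrap_config("old-password", os.urandom(32))
    new_cfg = change_password("old-password", "new-password", old_cfg)
    blob = encrypt_file(unwrap_config("new-password", new_cfg), msg)
    same_vault = decrypt_file(unwrap_config("old-password", old_cfg), blob) == msg
    # New vault: a fresh master key, so the retained old config no longer helps.
    fresh_cfg = wrap_config("new-password", os.urandom(32))
    blob2 = encrypt_file(unwrap_config("new-password", fresh_cfg), msg)
    new_vault = decrypt_file(unwrap_config("old-password", old_cfg), blob2) == msg
    return same_vault, new_vault
```

`demo()` returns `(True, False)`: a retained copy of the old config plus the old password still reads data written after the change, while data in a newly created vault stays unreadable.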