[Bug 2117396] [NEW] Accessibility issues with password entries

Launchpad Bug Tracker 2117396 at bugs.launchpad.net
Tue Sep 9 09:38:44 UTC 2025 

You have been subscribed to a public bug by Sergio Costas (rastersoft-gmail):

Libnma has, at least, two accessibility problems:

* when an invalid password is typed, the text entry change its color to
red, but nothing else. This is an invalid behavior because it relies
exclusively in color to notify an error.

* the password storage options are accessed through the secondary icon
in the password entry, but those icons aren't accessible, because
neither can be accessed using only keyboard navigation, nor have a11y
labels/descriptions.

[ Impact ]

Users that rely on keyboard navigation and/or screen readers won't be
able to change the password storage options.

Also, color-blind users won't be able to notice that a password is
invalid.

There are two patches that fix these problems:

https://gitlab.gnome.org/GNOME/libnma/-/merge_requests/70
https://gitlab.gnome.org/GNOME/libnma/-/merge_requests/71

Even more: applying the second patch, which fixes the accessibility for
the password storage options, allows to move the error icon in the first
patch to the secondary place, which gives a better appearance.

[ Test plan ]

* Open gnome-control-center
* Go to the Wireless tab (or Network tab if the computer lacks wireless interface)
* Open the properties of any of the interfaces
* Go to the `Security` tab
* For each of the possible security options (from the first expandable menu), and using the TAB key, ensure (with the patch) that it's possible to access all the buttons for setting the password storage.
* Ensure that, when the password is invalid (for example, because it's empty) the entry not only is red, but also shows the `error` icon.

[ Where problems could occur ]

The first patch is quite simple, so the only problems that could be
expected to happen are related to the accessibility; for example, an
incorrect icon when there is an error, or an incorrect description in
that case.

The second patch, instead, is quite extensive and touches several parts,
specifically the interface. Several problems could occur if it hasn't
been correctly done:

* the interface can be left in an inconsistent state (for example, the button to change the password storage could be set to insensitive and, thus, don't allow to change again to sensitive, due to being linked to the sensitivity of the text entry)
* the interface files have been modified to include an extra button. Although care has been taken to ensure that the appearance is consistent, the buttons are inside a grid, so it could be that, due to a mistake, the rest of the interface wasn't expanded accordingly, and the button appear "outside the margins"
* since the interface files (.ui) in the current packages' code is different for Gtk3 and Gtk4 (in upstream this is fixed, and both sets have been unified), and gnome-control-center only uses Gtk4, it is possible that the backport made from the upstream patch contain errors in the Gtk3 interface files, which only could be detected with a Gtk3 program that uses this library. Unfortunately, at the moment no such program is known (with the exception of even older versions of gnome-control-center).
* there are more differences between upstream and the versions in Noble/Plucky/Questing. Specifically, nma-cert-chooser.ui doesn't exist, and everything is created with code in nma-cert-chooser.c, which results in some extra changes to accommodate what in upstream goes into the .ui file, into the .c code. This is an important point to review and where errors could be made, resulting in errors in the TLS page.

** Affects: libnma (Ubuntu)
     Importance: Undecided
     Assignee: Sergio Costas (rastersoft-gmail)
         Status: New

** Affects: libnma (Ubuntu Noble)
     Importance: Undecided
     Assignee: Sergio Costas (rastersoft-gmail)
         Status: New

** Affects: libnma (Ubuntu Plucky)
     Importance: Undecided
     Assignee: Sergio Costas (rastersoft-gmail)
         Status: New

** Affects: libnma (Ubuntu Questing)
     Importance: Undecided
     Assignee: Sergio Costas (rastersoft-gmail)
         Status: New

-- 
Accessibility issues with password entries
https://bugs.launchpad.net/bugs/2117396
You received this bug notification because you are a member of Ubuntu Sponsors, which is subscribed to the bug report.

More information about the Ubuntu-sponsors mailing list