NordPass auto-connect to password-manager-service interface

I agree that it is desirable for nordpass to store its passwords in the keyring, but it is important to remember that in the snap ecosystem there are several voices when considering auto-connection: snapd (base declaration policy), the gadget snap (for device-specific auto-connections, does not apply here), the store (snap declaration policy; i.e., this request) and the user. We’ve determined that the various keyring services do not provide sufficient isolation for snap access for the interface to be auto-connected by default (since not only can your snap see all stored passwords, but all other applications with access to the password services can also see your snap’s passwords). Reviewers have historically voted to not auto-connect this interface due to the sensitive nature of the access and because preserving the user’s voice in this sensitive access is so important.

Today, snaps may choose to either check the access is available and instruct the user to run an additional command (either snap connect or via the snap store GUI) or fall back to storing passwords locally. Ideally when instructing the user, the details of the access would be explained so the user could make an informed choice. It is true that there is an extra step for the user, but done well, this need not be onerous and may even provide additional trust that your snap and the system as a whole are working to keep the user’s passwords secure.

In the future, the snapd team plans to provide a prompt API for snaps to use that will not only provide appropriate messaging, but also allow the user to choose to connect within the prompt.

Finally, the desktop team has discussed the lack of isolation in secret-service with upstream GNOME and there are plans to improve the service to provide the necessary isolation for auto-connecting. Hopefully, KDE/Plasma will follow with kwallet or move to the improved service.
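
The check-then-instruct-or-fall-back approach described in the post, as an added example that is not part of the original post and is not NordPass or snapd code: a launcher helper that asks snapctl whether the plug is connected and, if not, explains the access and prints the snap connect command. The function names, the message wording and the default snap name nordpass are assumptions.

```shell
#!/bin/sh
# Added example (not NordPass or snapd code). Assumes it runs inside the snap,
# where snapd provides snapctl and sets SNAP_NAME.
PLUG="password-manager-service"

# Exit status 0 only when the plug is connected. Outside a snap (no snapctl)
# this reports "not connected" so the caller takes the fallback path.
keyring_plug_connected() {
    command -v snapctl >/dev/null 2>&1 || return 1
    snapctl is-connected "$PLUG" >/dev/null 2>&1
}

# Prints the storage backend the app should use: "keyring" or "local".
select_secret_backend() {
    if keyring_plug_connected; then
        echo "keyring"
    else
        echo "local"
    fi
}

# Prints what the user needs to know to make an informed choice, plus the command.
connect_hint() {
    snap_name="${SNAP_NAME:-nordpass}"   # default name is an assumption
    cat <<EOF
$snap_name is not connected to the system keyring ($PLUG).
Connecting lets $snap_name read every password stored in the keyring, and
lets other applications with keyring access read the passwords it stores.
To allow this, run:
    snap connect $snap_name:$PLUG
Until then, passwords are stored locally by $snap_name.
EOF
}

# Stand-alone run: report the backend and show the hint when falling back.
backend=$(select_secret_backend)
if [ "$backend" = "local" ]; then
    connect_hint >&2
fi
echo "secret backend: $backend"
```
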