Imho, it should share the same password as user password or it will be very confusing.

If I understand correctly, today only the password is used for VM creation, and nothing else is done with it.

The Spice VM is not shared / exposed on the network.

The user session isn't logged in / unlocked when Boxes user connects to it.

Instead, I think we should:

- protect the session and Spice connection with user password
- store password in keyring
- when connecting, authenticate to spice and login/unlock with known password
- when the VM is made accessible over the network, it will be protected with same password
- when connecting with Boxes to a remote VM (either shared Box or vnc/rdp etc.), ask and store the user/password
- if the user changes password in Boxes, change both VM and spice password
- if the user changes password in Guest, ignore fail attempt to login/unlock and let the user interact with VM to do so.

Well we haven't been setting a spice password on VMs for a while now so we want to have this option, IMO it should be done as part of bug#694854.

*** This bug has been marked as a duplicate of bug 694854 ***