Accounts.xml stores passwords in plain text.

Billy Crook billycrook at gmail.com
Mon Dec 17 14:35:57 EST 2007


How else would you like to store your passwords?

Before you say "encrypt them" think about what that would mean.
Pidgin must present the actual passwords to your chat server, not some
encrypted blob.  Further, most chat protocols themselves don't encrypt
your passwords during transit, so encrypting them on the disk won't do
any good.

Consider using LUKS, and strong but different volume and login
passwords if you actually *want* to protect the information on your
computer.
http://luks.endorphin.org/

On Dec 17, 2007 1:14 PM,  <bigblueguy at sympatico.ca> wrote:
> The file accounts.xml stores passwords in plain text.  Is this going to be
> changed?  This could potentially be a security issue.
>
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/devel
>




More information about the Devel mailing list