How to save passwords more secure?!

Jeff Sadowski jeff.sadowski at gmail.com
Sun Jun 22 01:18:29 EDT 2008


A kludge that would be the easiest to implement would be to have
~/.purple be a cryptomounted directory that is mounted before pidgin is
started. It is easy to implement with scripts, and after you are
logged in it can be unmounted.

On Sat, Jun 21, 2008 at 10:42 PM, Casey Harkins <caseyharkins at gmail.com> wrote:
> On Sun, 2008-06-22 at 02:45 +0200, skyout at wired-security.net wrote:
>> So my question is: Isn't there a more secure and better way to save passwords
>
> As Hylke already responded with a link to the relevant wiki page, I
> assume this and most of your other points were addressed.
>
>>
>> Just a suggestion: Would it work to make something like a hash algorithm
>> (maybe use an existing like SHA-512)
>
> I just wanted to point out that hashing is not really an option. The
> servers we authenticate with need the real password, not a hash. Since
> hashing is one-way, we wouldn't be able to authenticate with only a
> hash. If servers accepted a hash, then we're back to square one as the
> hash could be pulled from the file and sent directly to the
> server. (This should probably get added to the wiki page too as I think
> it's come up a few times.)
>
>
> -casey
>
>
>
> _______________________________________________
> Devel mailing list
> Devel at pidgin.im
> http://pidgin.im/cgi-bin/mailman/listinfo/devel
>
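
The point made in the quoted reply about hashing, as an added example that is not part of the original thread or of Pidgin's code: a client that keeps only SHA-512(password) cannot log in to a server that needs the real password, and if a server did accept the hash, the stored hash would itself be the credential. The two server classes, the sample password and the PBKDF2 parameters are assumptions made for illustration.

```python
import hashlib
import hmac
import os


def sha512_hex(data: str) -> str:
    return hashlib.sha512(data.encode()).hexdigest()


class PasswordServer:
    """Hypothetical server that needs the real password; it keeps a salted verifier."""

    def __init__(self, password: str):
        self._salt = os.urandom(16)
        self._verifier = self._derive(password)

    def _derive(self, secret: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha512", secret.encode(), self._salt, 10_000)

    def login(self, submitted: str) -> bool:
        return hmac.compare_digest(self._derive(submitted), self._verifier)


class HashAcceptingServer:
    """Hypothetical server that accepts SHA-512(password) sent by the client."""

    def __init__(self, password: str):
        self._expected = sha512_hex(password)

    def login(self, submitted_hash: str) -> bool:
        return hmac.compare_digest(submitted_hash, self._expected)


def demo() -> dict:
    password = "correct horse battery staple"  # constructed sample value
    stored_on_disk = sha512_hex(password)  # what the client would keep instead of the password
    needs_password = PasswordServer(password)
    accepts_hash = HashAcceptingServer(password)
    return {
        # One-way: the stored hash cannot stand in for the password.
        "hash_to_password_server": needs_password.login(stored_on_disk),
        "password_to_password_server": needs_password.login(password),
        # The file contents alone are enough here, so the hash protects nothing.
        "stored_hash_to_hash_server": accepts_hash.login(stored_on_disk),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'accepted' if ok else 'rejected'}")
```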

