master password gsoc project
Geoffrey Antos
geoffrey.antos at gmail.com
Wed May 21 21:37:38 EDT 2008
Richard Laager wrote:
> On Wed, 2008-05-21 at 23:50 +0200, Vivien Bernet-Rollande wrote:
>
>> The way I see it is the following : by default, the plugin works in a
>> totally transparent way. The user never gets prompted anything,
>> password are secured with his system password, simple, clean and easy.
>>
>
> Agreed.
>
>
>> But from the configuration interface, the user could set a master
>> password, adding an extra layer of security (in case the system
>> account is shared by multiple users for instance).
>>
>
> Then they should use multiple OS users instead.
>
By default, this is fine, but a generic backend using a master password
might
still be reasonable. A non-Gnome, non-KDE user may not have an appropriate
desktop-specific password safe available. Pidgin Portable should allow users
to store encrypted passwords on the USB drive in case the drive is lost
or stolen,
and shouldn't save passwords to the Windows account.
Also, are their any users who use Pidgin when an X11 session is
available, but use
ssh + finch when one isn't? Can gnome-keyring and the KDE-equivalent provide
interfaces allowing them to be used without an X11 display? If not,
perhaps the
platform-independent 'master password' could be used as a fall-back.
Other possible backend ideas for finch users could include using a
public/private
key-pair from gpg-agent or ssh-agent
-Geoffrey Antos
More information about the Devel
mailing list