master password gsoc project
geoffrey.antos at gmail.com
Wed May 21 21:37:38 EDT 2008
Richard Laager wrote:
> On Wed, 2008-05-21 at 23:50 +0200, Vivien Bernet-Rollande wrote:
>> The way I see it is the following : by default, the plugin works in a
>> totally transparent way. The user never gets prompted anything,
>> password are secured with his system password, simple, clean and easy.
>> But from the configuration interface, the user could set a master
>> password, adding an extra layer of security (in case the system
>> account is shared by multiple users for instance).
> Then they should use multiple OS users instead.
By default, this is fine, but a generic backend using a master password
still be reasonable. A non-Gnome, non-KDE user may not have an appropriate
desktop-specific password safe available. Pidgin Portable should allow users
to store encrypted passwords on the USB drive in case the drive is lost
and shouldn't save passwords to the Windows account.
Also, are their any users who use Pidgin when an X11 session is
available, but use
ssh + finch when one isn't? Can gnome-keyring and the KDE-equivalent provide
interfaces allowing them to be used without an X11 display? If not,
platform-independent 'master password' could be used as a fall-back.
Other possible backend ideas for finch users could include using a
key-pair from gpg-agent or ssh-agent
More information about the Devel