Password encryption
Venkatasamy,Venkat
vvenkatasamy at apcapital.com
Mon Mar 17 09:51:31 EDT 2008
The helpdesk support team will have local admin access in all the
computers. The members will be able to access the profile folders for
all users. In this case, I belive this is a not a secure solution.
________________________________
From: David Balazic [mailto:David.Balazic at hermes-softlab.com]
Sent: Monday, March 17, 2008 9:49 AM
To: Venkatasamy,Venkat; Peter Robev
Cc: support at pidgin.im
Subject: RE: Password encryption
Of course.
YOU can read it.. Noone else can.
________________________________
From: support-bounces at pidgin.im
[mailto:support-bounces at pidgin.im] On Behalf Of Venkatasamy,Venkat
Sent: Monday, March 17, 2008 2:35 PM
To: David Balazic; Peter Robev
Cc: support at pidgin.im
Subject: RE: Password encryption
I tried encrypting the .purple folder and tested saving my
password in the IM client. When I opened the accounts.xml I found my
password uncrypted.
________________________________
From: David Balazic [mailto:David.Balazic at hermes-softlab.com]
Sent: Monday, March 17, 2008 9:32 AM
To: Venkatasamy,Venkat; Peter Robev
Cc: support at pidgin.im
Subject: RE: Password encryption
It _IS_ secure. This is not some "I wrote it during the weekend"
encryption.
It is real, tried and tested encryption.
David
________________________________
From: support-bounces at pidgin.im
[mailto:support-bounces at pidgin.im] On Behalf Of Venkatasamy,Venkat
Sent: Monday, March 17, 2008 12:57 PM
To: Peter Robev; David Balazic
Cc: support at pidgin.im
Subject: RE: Password encryption
This is not going to help to solve the issue. I belive
David refers to encrypting the .purple directory. But local
administrators of the computer will be able to decrypt the folder and
access the password. This is not a secure workaround.
i would like to hash the password so it should not be
visible even to the user who stores the password.
________________________________
From: Peter Robev [mailto:probev at gmail.com]
Sent: Saturday, March 15, 2008 9:55 AM
To: David Balazic
Cc: Venkatasamy,Venkat; support at pidgin.im
Subject: Re: Password encryption
??????????????
Where do you see that ???
2008/3/15 David Balazic
<David.Balazic at hermes-softlab.com>:
File(Directory) Properties / Advanced ... /
Encrypt contents to secure data
________________________________
From: support-bounces at pidgin.im on behalf of
Venkatasamy,Venkat
Sent: Fri 14-Mar-08 17:54
To: support at pidgin.im
Subject: Password encryption
We came to know that Pidgin does not encrypt the
users' password when
they choose "Remember Password" options in the
accounts windows.
Is there any workaround for this as this will be
security issue in any
organization as local administrators having
access to the .purple
folder.
Thanks
Venkat
CONFIDENTIALITY STATEMENT
This communication and any attachments are
CONFIDENTIAL and may
be protected by one or more legal privileges. It
is intended
solely for the use of the addressee identified
above. If you
are not the intended recipient, any use,
disclosure, copying
or distribution of this communication is
UNAUTHORIZED. Neither
this information block, the typed name of the
sender, nor
anything else in this message is intended to
constitute an
electronic signature unless a specific statement
to the
contrary is included in this message. If you
have received this
communication in error, please immediately
contact me and delete
this communication from your computer. Thank
you.
_______________________________________________
Support mailing list
Support at pidgin.im
http://pidgin.im/cgi-bin/mailman/listinfo/support
_______________________________________________
Support mailing list
Support at pidgin.im
http://pidgin.im/cgi-bin/mailman/listinfo/support
________________________________
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL
and may be protected by one or more legal privileges. It is intended
solely for the use of the addressee identified above. If you are not the
intended recipient, any use, disclosure, copying or distribution of this
communication is UNAUTHORIZED. Neither this information block, the typed
name of the sender, nor anything else in this message is intended to
constitute an electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete this
communication from your computer. Thank you.
________________________________
________________________________
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL and may
be protected by one or more legal privileges. It is intended solely for
the use of the addressee identified above. If you are not the intended
recipient, any use, disclosure, copying or distribution of this
communication is UNAUTHORIZED. Neither this information block, the typed
name of the sender, nor anything else in this message is intended to
constitute an electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete this
communication from your computer. Thank you.
________________________________
CONFIDENTIALITY STATEMENT
This communication and any attachments are CONFIDENTIAL and may
be protected by one or more legal privileges. It is intended
solely for the use of the addressee identified above. If you
are not the intended recipient, any use, disclosure, copying
or distribution of this communication is UNAUTHORIZED. Neither
this information block, the typed name of the sender, nor
anything else in this message is intended to constitute an
electronic signature unless a specific statement to the
contrary is included in this message. If you have received this
communication in error, please immediately contact me and delete
this communication from your computer. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pidgin.im/pipermail/support/attachments/20080317/f43fc391/attachment.html>
More information about the Support
mailing list