[Pidgin] #803: password stored as plain text
Pidgin
trac at pidgin.im
Wed May 9 08:11:15 EDT 2007
#803: password stored as plain text
------------------------+---------------------------------------------------
Reporter: cobra582 | Owner:
Type: defect | Status: closed
Priority: minor | Milestone:
Component: libpurple | Version: 2.0
Resolution: wontfix | Keywords: unencrypted password
Pending: 0 |
------------------------+---------------------------------------------------
Comment (by lschiere):
1)gnome-keyring requires gnome, which Pidgin does not and will not.
2)gnome-keyring does not change anything. I'm not sure exactly how it
works, but it is either a case of keeping all your passwords unecrypted in
memory after you authenticate against it once, in which case anyone with
access to read your .purple/accounts.xml can also get to its memory with a
debugger and get your passwords, or it is a case of hiding a password
behind a password, in which case your statement about having to type a
password every day in front of others still applies.
--
Ticket URL: <http://developer.pidgin.im/ticket/803#comment:3>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list