[Pidgin] #15705: very insecure storing of account informations
Pidgin
trac at pidgin.im
Sat Jul 27 04:44:26 EDT 2013
#15705: very insecure storing of account informations
----------------------------+---------------------------
Reporter: pidhunter | Owner:
Type: defect | Status: closed
Milestone: | Component: pidgin (gtk)
Version: 2.10.7 | Resolution: duplicate
Keywords: plain password |
----------------------------+---------------------------
Comment (by pidhunter):
No, is not a duplicate because https://crackstation.net/hashing-
security.htm explains that is generaly wrong with
\AppData?\Roaming\.purple\ is there a accounts.xml
The password has to salted before it come in a XML-Data and it has
unsalted before a application use it.
If pidgin.im does not fix this urgently, then a warning over other
platforms is needed today!
--
Ticket URL: <https://developer.pidgin.im/ticket/15705#comment:3>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list