[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gcmd-dev] [FIX] Drop usage of GNOME authentication manager for pass
From: |
Michael |
Subject: |
Re: [gcmd-dev] [FIX] Drop usage of GNOME authentication manager for password handling |
Date: |
Thu, 22 Sep 2011 16:03:38 +0200 |
User-agent: |
claws-mail.org |
Piotr Eljasiak,
> I'm currently working on using gnome-keyring exclusively, so it would
> not be the problem soon (BTW this is the last blocker for 1.4)
Good news !
But it probably a good idea to still keep the internal storage, for comparing /
testing and as fallback.
> The latter is not recommended as gcmd keeps passwords in plain text.
But, isn't the network transmission (i.e. the protocol encryption) the critical
thing, because there could be some 'man in the middle' at any point in the WAN
chain (servers and routers). If some assumed trojan, or a unauthorized person,
had access to your harddrive, you're already lost anyway.
Well, probably even that file could be encrypted by gpg if that eases the worry.
And if you're paranoid you'll never keep a password anywhere on any computer,
encrypted or not...