[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Setting location of auth cache - securing stored passwords

From: Andy Levy <andy.levy_at_gmail.com>
Date: Wed, 5 Aug 2009 06:29:38 -0400

On Wed, Aug 5, 2009 at 05:35, Zoltan Megyesi<cherry_at_ludens.elte.hu> wrote:
> Hi,
>
> I want to secure the stored passwords according to our company policies. For this, I need to place the password cache to a well encrypted location.
>
> Is there a way to set a different location for the auth (and password) cache than %appdata%/Subversion/auth?

The password should be encrypted already in that location using the
Windows Crypto API (assuming you're using a sufficiently recent
release of Subversion/TSVN). You should be more concerned with the
password storage on the server and over the wire; depending on how
your server is configured, they may be stored & transmitted in
plaintext there.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2380380

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2009-08-05 12:29:52 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.