[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] Obfuscate auth info

From: Branko Čibej <brane_at_xbc.nu>
Date: 2006-10-19 10:11:58 CEST

Ph. Marek wrote:
> On Wednesday 18 October 2006 23:57, Alex Holst wrote:
>
>> I claim that, regardless of what warning might appear in the password
>> file, obfuscated auth data will result in many users/admins/managers
>> thinking it takes a lot of effort to recover their password. Anyone who
>> has ever dealt with users or managers knows I'm not kidding.
>>
>> Which is greater? The cost of educating users who post to the mailing
>> list about clear text passwords or the very likely possibility that
>> a user will shoot themselves in the foot because they didn't feel a need
>> to investigate ssh keys, certs or kerberos auth?
>>
>
> I'd like to throw in that even on OS with a "password storage mechanism" (like
> WinNT, WinXP etc) that stores a *cleartext* equivalent in the registry.
> If you say "connect this windows share, remember my password" the password is
> stored as a LanMAN hash - which is *exactly* what is needed to connect to the
> remote site, and can be used for this purpose.
>

AFAIK, since at least Windows 2000, the LanMAN hash is no longer stored
in the registry by default. Guess why.

It is *not true* that any password storage mechanism is insecure ...
Mac's keychain, or Window's FS encryption certificate, can only be
unlocked with the user's password -- that's done exactly once when the
user logs in, the session keys are stored in secure memory (presumably)
and go away when the user logs out.

-- Brane

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 19 10:12:33 2006

This is an archived mail posted to the Subversion Dev mailing list.