Re: [PATCH] Obfuscate auth info

From: Ph. Marek <philipp.marek_at_bmlv.gv.at>
Date: 2006-10-19 10:30:39 CEST

On Thursday 19 October 2006 10:11, Branko Čibej wrote:
> AFAIK, since at least Windows 2000, the LanMAN hash is no longer stored
> in the registry by default. Guess why.
>
> It is *not true* that any password storage mechanism is insecure ...
> Mac's keychain, or Window's FS encryption certificate, can only be
> unlocked with the user's password -- that's done exactly once when the
> user logs in, the session keys are stored in secure memory (presumably)
> and go away when the user logs out.
Which is similar to the ssh-agent problem I mentioned.
Walk to the machine when the user has gone to fetch a coffee, and you're
in ...

I have to admit that it depends on the security you need, and what you want to
protect against. YMMV.

Regards,

Phil

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Oct 19 10:31:09 2006

This message: [ Message body ]
Next message: Samay: "Re: [PATCH] Obfuscate auth info"
Previous message: Branko Čibej: "Re: [PATCH] Obfuscate auth info"
In reply to: Branko Čibej: "Re: [PATCH] Obfuscate auth info"
Next in thread: Alex Holst: "Re: [PATCH] Obfuscate auth info"
Reply: Alex Holst: "Re: [PATCH] Obfuscate auth info"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]