[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Non-persistent storing of username & password?

From: Andy Levy <andy.levy_at_gmail.com>
Date: Tue, 24 Apr 2012 06:11:41 -0400

On Tue, Apr 24, 2012 at 03:33, Jan Peter Stotz <jpstotz_at_gmx.de> wrote:
> Hi,
> I was wondering if there are plans for TortoiseSVN to implement a possibility to save username & password for a session only (no persistent storage on disk where both could be stolen).
> I have a lot of SVN repositories that are using the same single-sign-on credential which I don't want to expose by saving it unprotected to disk.
> Therefore a session bases password storage would be fine. As TortoiseSVN already has a use-based session process (TSVNCache) it would be easy from my point of view to use it as in-memory credential storage.

Subversion has no notion of "sessions."

Your credentials are not stored in plain text. They are stored using
the Windows crypto API. The only way someone could get your
credentials from your client workstation is if you remained logged in,
or your Windows credentials were compromised.


To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2012-04-24 12:12:30 CEST

This is an archived mail posted to the TortoiseSVN Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.