Re: Non-persistent storing of username & password?

From: Andy Levy <andy.levy_at_gmail.com>
Date: Tue, 24 Apr 2012 06:11:41 -0400

On Tue, Apr 24, 2012 at 03:33, Jan Peter Stotz <jpstotz_at_gmx.de> wrote:
> Hi,
>
> I was wondering if there are plans for TortoiseSVN to implement a possibility to save username & password for a session only (no persistent storage on disk where both could be stolen).
>
> I have a lot of SVN repositories that are using the same single-sign-on credential which I don't want to expose by saving it unprotected to disk.
>
> Therefore a session bases password storage would be fine. As TortoiseSVN already has a use-based session process (TSVNCache) it would be easy from my point of view to use it as in-memory credential storage.

Subversion has no notion of "sessions."

Your credentials are not stored in plain text. They are stored using
the Windows crypto API. The only way someone could get your
credentials from your client workstation is if you remained logged in,
or your Windows credentials were compromised.

------------------------------------------------------
http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2951426

To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2012-04-24 12:12:30 CEST

This message: [ Message body ]
Next message: SVN Great Fan: "Transfer size for switch/update operation"
Previous message: Jan Peter Stotz: "Non-persistent storing of username & password?"
In reply to: Jan Peter Stotz: "Non-persistent storing of username & password?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]