RE: Cached client credentials not encrypted on Win2K with Subversion 1.2.3.
From: Joel Kuehner <jkuehne1_at_irf.com>
Date: 2005-12-15 00:38:21 CET
OK, but these threads seem to be discussing the plain-text nature of the stored password. I am fine with that.
I am referring to the apparent discrepancy between the behavior I see (file not encrypted) and the following paragraph from the Client Credentials Caching section of the Subversion Book (1.2):
"On Windows 2000 and later, the Subversion client uses standard Windows cryptography services to encrypt the password on disk. Because the encryption key is managed by Windows and is tied to the user's own login credentials, only the user can decrypt the cached password. (Note: if the the user's Windows account password is changed, all of the cached passwords become undecipherable. The Subversion client will behave as if they don't exist, prompting for passwords when required.)"
My Subversion installation does not seem to comply with this paragraph.
This is very normal, and has been for quite some time. There have been
Also - check out this FAQ -
This is an archived mail posted to the Subversion Users mailing list.