Ubuntu
seahorse package

passwords not secure or encrypted

Asked by Bryan Hood

1) Applications -> Accessories -> Passwords and Encryption Keys
2) In passwords tab, click "Passwords: login"
3) Select a password, right click and select properties
4) Click Password
5) In dialogue box, press Allow Once
6) Click checkbox to show password

The password appears and is not encrypted. I did not have to enter any master password either. This seems like a vulnerability to me. Is there any way to prevent my passwords from being accessible? I can see both Empathy and Gnome-Do passwords.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu seahorse Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Soul-Sing (soulzing) said : 		#1

No this is normal. When you enable automatic login, the keys/passwords are NOT visible. If I personally like this?
No, but is not a bug, it is how ubuntu should work.....

Revision history for this message
David Tomaschik (matir) said : 		#2

Seahorse accesses your Gnome keyring, which IS stored in an encrypted form on disk. However, when you log into your system, your password is used to decrypt your keyring. (if you were to change your password, you'd be asked for your Gnome-keyring password on the next login, which would be your old password.)

If you want to see the files on disk, take a look in ~/.gnome2/keyrings/

Can you help with this problem?

Provide an answer of your own, or ask Bryan Hood for more information if necessary.

To post a message you must log in.