plain-text password

Asked by Marcus Dowling on 2012-05-18

Hi,

First of all I want to thank you for your great work on the wicd network manager!

I have a concern that I wan't to share with you.
In the WICD config file passwords are stored in plain tekst. This is an issue.
As the IT world is on the eve of getting more and more users that make use of the Bring Your Own concept.
The storing of passwords plaintext is becoming an issue.
Please consider using an encryption algorithem like RIJNDAEL in the interface. This will prevent the leaking of passwords.

Thank you and keep up the good work.

Question information

Language:
English Edit question
Status:
Answered
For:
wicd Edit question
Assignee:
No assignee Edit question
Last query:
2012-05-18
Last reply:
2012-05-19
Adam Blackburn (adamblackburn) said : #1

We wanted it to be able to connect during boot which it would be unable to do if the passwords were encrypted. If the passwords are encrypted with a key known to wicd, then it would provide a false sense of security since it would be possible to extract the key from the program's source code. At any rate, they're not visible to any users other than root via the filesystem.

Can you help with this problem?

Provide an answer of your own, or ask Marcus Dowling for more information if necessary.

To post a message you must log in.