On 22/04/15 09:04, Carsten Haitzler wrote: > raster pushed a commit to branch master. > > http://git.enlightenment.org/core/enlightenment.git/commit/?id=40a91376c6024b08e99981a61376be3927aa9c61 > > commit 40a91376c6024b08e99981a61376be3927aa9c61 > Author: Carsten Haitzler (Rasterman) <[email protected]> > Date: Wed Apr 22 17:03:44 2015 +0900 > > e screenlock config diloag - note insecureness for personal pw/pin > > these store pin/pw in your user config files - it may be primitively > hashed to obscure it, but it's there. it never pretended to have > secure storage and even saved cleartext until e19. make sure people > are aware
It's really not too different from cleartext. Well actually it is, because the hash is so shitty and only 32bit, it's more likely you'll get a different password to work than the real one, so maybe revealing the original password won't be easy with so many passwords working. :) Anyhow, glad you decided to mark it as insecure. -- Tom. ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ enlightenment-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/enlightenment-devel
