Bugs item #1682938, was opened at 2007-03-17 22:34
Message generated for change (Comment added) made by lschiere
You can respond by visiting: 

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: v1.5.0
Status: Closed
Resolution: Invalid
Priority: 5
Private: No
Submitted By: Chucks (chuck_s)
Assigned to: Nobody/Anonymous (nobody)
Summary: GAIM doesn't encrypt account passwords in accounts.xml

Initial Comment:
A friend of mine informed me that gaim doesn't encrypt passwords, so I went
digging.  Sure enough, he's correct.  Gaim stores saved passwords as plaintext
on the filesystem in ~/.gaim/accounts.xml

This may have been fixed in the 2.0 series, but I am not yet using 2.0.  If
this has been resolved in 2.0, please reply with an acknowledgment of the

Thank you!


>Comment By: Luke Schierer (lschiere)
Date: 2007-03-19 10:23

Logged In: YES 
Originator: NO

I do not know what the current situation is with Firefox's master password
option, but I know that the last time I tried it (admittedly some time
ago), it was a good way to utterly lose all your saved information.  It was
very buggy.  

I bring this up to highlight just some of the problems with attempting to
implement such an option.  It has to be done right, it has to be bugless,
and it has to be immutable, or users will lose important account
information.  Based on the user interaction I have, it is safe to assume
that a substantial number of users tell gaim (or some other client) to save
their password, and then forget it.  A month from now, when some bug in the
master password option crops up, and destroys their account info, they will
no longer know what passwords they saved. 

There is, however, a larger problem with this solution.  That password
will be stored to disk, in some form.  Just as the /etc/passwd file must be
protected (or programs such as john the ripper can be run against it), this
file would need to be.  Loss of it would *necessarily* be equivalent to
having lost your ~/.gaim/accounts.xml file because you would have to assume
that the file had been compromised (cracked).  Again using /etc/passwd as
an example, john can recover many passwords from a typical /etc/passwd file
within a day.  If you use one of the two distributed forms of john, you can
shorten that even more drastically.

In short, once the attacker has read access to your ~/.gaim, you need to
change all your passwords.  Period.  You have thus added no real security
by making the user enter in some master password to read the others, but
only the *false* perception of security.  As I argued in
plaintextpasswords, this is, in my opinion, worse than saving plain text
passwords to a config file. 
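
To make the offline-cracking point in the comment above concrete, here is an added example (not Gaim's code, and not its accounts.xml format): a toy master-password store built on PBKDF2-HMAC-SHA256 plus an HMAC tag, and the dictionary attack that anyone holding a copy of the file can run against it with no server, lock-out or rate limit in the way. The file layout, the sample accounts, the master password and the wordlist are all constructed for this example; the iteration count is kept deliberately low so it runs quickly.

```python
import hashlib
import hmac
import json
import os

# Constructed toy "encrypted accounts file" format for this example only.
# Record layout: salt || mac || ciphertext
#   key = PBKDF2-HMAC-SHA256(master_password, salt, ITERATIONS)
#   ct  = plaintext XOR keystream, where keystream block i = HMAC(key, offset_i)
#   mac = HMAC-SHA256(key, salt || ct); this is what lets an attacker test a
#         guess offline: a correct master password verifies, a wrong one does not.
ITERATIONS = 2000   # deliberately low for the demo; real stores use far more
SALT_LEN = 16
MAC_LEN = 32


def derive_key(master_password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """Stretch the master password into a 32-byte key (one KDF run per guess)."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt, iterations, dklen=32)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR data with HMAC(key, byte offset) blocks. Symmetric."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        chunk = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(chunk, block))
    return bytes(out)


def seal_accounts(accounts: dict, master_password: str) -> bytes:
    """Encrypt the account list under the master password; returns the file bytes."""
    salt = os.urandom(SALT_LEN)
    key = derive_key(master_password, salt)
    ct = keystream_xor(key, json.dumps(accounts).encode())
    mac = hmac.new(key, salt + ct, hashlib.sha256).digest()
    return salt + mac + ct


def open_accounts(blob: bytes, master_password: str):
    """Return the accounts dict, or None if the master password is wrong."""
    salt = blob[:SALT_LEN]
    mac = blob[SALT_LEN:SALT_LEN + MAC_LEN]
    ct = blob[SALT_LEN + MAC_LEN:]
    key = derive_key(master_password, salt)
    expected = hmac.new(key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        return None
    return json.loads(keystream_xor(key, ct))


def crack_master_password(blob: bytes, wordlist):
    """Offline dictionary attack against a stolen copy of the file.

    Every guess costs the attacker exactly one KDF evaluation and one HMAC check;
    nothing else limits the rate, so the store is only as strong as the master
    password is unguessable times the KDF work factor."""
    for guess in wordlist:
        accounts = open_accounts(blob, guess)
        if accounts is not None:
            return guess, accounts
    return None, None


def demo():
    # Constructed sample data: fake accounts, a weak master password and a short
    # wordlist standing in for a john-style dictionary run.
    accounts = {"alice@example.org": "hunter2", "bob@example.net": "correct horse"}
    stolen_file = seal_accounts(accounts, "letmein")
    wordlist = ["password", "123456", "qwerty", "letmein", "iloveyou"]
    return crack_master_password(stolen_file, wordlist)


if __name__ == "__main__":
    guess, recovered = demo()
    print("master password:", guess)
    print("account passwords:", recovered)
```

The attacker never needs the client, the user or the network once the file is in hand: the MAC check is the oracle. Raising `ITERATIONS` multiplies the cost of every guess by the same factor, but a master password that appears in a wordlist is recovered regardless, which is why the recovered account passwords must be treated as compromised the moment the file is.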


Comment By: Arudil (arudil)
Date: 2007-03-19 08:39

Logged In: YES 
Originator: NO

What about a master password (like in Firefox)?


Comment By: Stu Tomlinson (nosnilmot)
Date: 2007-03-17 23:19

Logged In: YES 
Originator: NO



Gaim-bugs mailing list