Generally when you type in a password to anything, it is stored in a variable
in memory, virtual memory, possibly written to swap space, but those memory and
disk spaces are protected and ephemeral, so there is no easy access to them and
even then, they are hard to decipher.
In theory, one could encrypt it using a one-session generated random password
just to make it hard to find in a core dump file or if someone cared to search
your swap file pages. Then at write time during that same session, it can be
decrypted for use. Many encryption systems actually digest the password into
binary keys and discard it. I am no expert, as this is a fast evolving area.
Since we all type in passwords all day, there are industry standards one can
follow on how to acquire them, store them, use them.
GnuCash might also want a password after any period of inactivity, to protect
your data from house guests and the like. While PCs tend to promise this, I
see them not timing out oh so often. Web sites often do this.
On Tuesday, September 10, 2024 at 03:09:24 PM EDT, R Losey
<[email protected]> wrote:
Well, but think about it... after the password is entered, THEN what? The
"correct" password would have to be stored somewhere so that GnuCash could
verify what is entered is correct, and clearly saving the password in clear
text is not secure. Because the software is open source, anyone could read the
steps taken to secure the password, and that would be a huge help in breaking
the password.
On Mon, Sep 9, 2024 at 5:35 PM David G. Pickett via gnucash-user
<[email protected]> wrote:
Nobody suggested putting a password in gnucash, just a pop up dialog to ask the
user for it.
--
_________________________________
Richard Losey
[email protected]
Micah 6:8
_______________________________________________
gnucash-user mailing list
[email protected]
To update your subscription preferences or to unsubscribe:
https://lists.gnucash.org/mailman/listinfo/gnucash-user
-----
Please remember to CC this list on all your replies.
You can do this by using Reply-To-List or Reply-All.
