Recently I was quite shocked when I looked in my .gaimrc file and found that it stored passwords in clear text. Then whilst reading the NWAM spec it mentioned that Wi-Fi passwords are also stored in clear text.

This does not seem ideal. And having to enter all your passwords every !...@*# time is also a PITA... ...using Kerberos is not the right answer - unless every host is its own KDC.

So what I'd like to suggest is that Solaris provides access to an encrypted storage "device" that applications can use to put "sensitive" material in.

I understand that unless a password is asked for every time it is needed, there is no way 100% to keep it secret, but right now the bar is very very low and needs to be raised.

Ideally this secured storage would be unlocked for a user's session when they log in with their normal password, for ease of use reasons.

I'm not sure if there should be limits on what it can be used for.

If Microsoft can hide usernames and passwords in their registry in a manner that defeats at least casual browsing, what can we do?

Thoughts?

Darren