admin@glassfish.java.net

Re: master password during upgrade

From: Bobby Bissett <bobby.bissett_at_oracle.com>
Date: Tue, 4 May 2010 14:53:38 -0400

On Apr 28, 2010, at 7:12 PM, Bill Shannon wrote:
> [...]
> And remember, if someone uses the --savemasterpassword option, the
> password will be stored in clear text in the file. This is not new.

When I try this, I don't see the password stored anywhere in clear
text (but it's working, as I'm not prompted for the master password at
startup). Can you point me to where it's stored?

If it's not stored in the clear, then the most secure thing the
upgrade tool can do is have users use the --storemasterpassword option
before running an upgrade if it's not the default. Then they could
change the password again without it after the upgrade. That means I
could rip the credentials code out of the tool, and the security
problem turns into a minor doc change.

Does anyone besides me like that idea? ("Nice try, Bobby" is an
acceptable answer.)

Thanks,
Bobby