Friday, 26 October 2018

security - How easy is it to recover a password stored in an application?


For the sake of easy use, I let the application to store my passwords. Several important passwords related to my hosting accounts are stored in Opera, Putty and Filezilla. I guess this might be an important security hole, isn't it? How easy is it to recover a password from these applications?



Answer



It's fairly easy - any reasonably competent computer user could probably do it.


Of course, that is only a security risk if you assume that someone can read the files on your hard drive. And if it's a virus/trojan doing this, it could already be logging your keystrokes anyway. So I'd say, if you enter passwords on a computer, it's generally ok to store them as well, unless it's a shared system without user-level security.


BTW, many apps allow encrypting the password store (Firefox e.g. does). That should be secure (unless a keylogger is installed, see above).


No comments:

Post a Comment

Where does Skype save my contact's avatars in Linux?

I'm using Skype on Linux. Where can I find images cached by skype of my contact's avatars? Answer I wanted to get those Skype avat...