password safes for mac
schism at subverted.org
schism at subverted.org
Tue Jun 30 12:34:12 EDT 2009
On Mon, Jun 29, 2009 at 11:29:48PM -0700, Jacob Appelbaum wrote:
> This would be great if LoginWindow.app didn't store your unencrypted
> login and password in memory for your entire session (including screen
> lock, suspend to ram and hibernate).
For what it's worth this only happens at login and doesn't reopen when
unlocking the screen. I have conditioned myself to lock my keychain
upon login and see no ill effects; there still remains the question of
whether locking a keychain actually does anything to wipe the
credentials from memory.
As an aside, I was wrong about the discontinuation of the SWT
PasswordSafe. It seems the passwordsafe team split it off as a separate
project, available at http://sourceforge.net/projects/jpwsafe. That
said, their latest release doesn't work out of the box on Leopard due to
their bundling a 32-bit version of SWT.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list