[Enhancement] More secure storage of passwords #28
Labels
enhancement
New feature or request
Comments
|
Where is that json file? I am unable to edit one of the connections I made. An animated "loading" icon shows up where the Edit pencil should show up, but now I'm worried about leaving behind files with my password on them, encryped or not. Uninstalling and reinstalling didn't erase the connection. |
|
I want to manually delete any trace of this file. |
|
I'm gonna implement the possibility to ask for the password on connect without storing it anywhere, also, looking for more information on how to use third party key management programs. |
evsar3
referenced
this issue
Aug 26, 2020
|
Resource for asking for the password is finished and should be shipped in beta.2 at weekend. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the password is stored in plain text in a json file, which is a show stopper for anyone worried about security. Please consider possibly leveraging Windows's protected storage, or some other form of more secure password storage method.
Another alternative could be to allow leaving the Password field empty, and requesting it at connection time, and not storing it on disk afterward. Not as convenient, but may be a simpler alternative.
The text was updated successfully, but these errors were encountered: