Project

General

Profile

Task #1901

Feature #1888: Use secure storage for input passwords

Feature #1893: Create advanced XML secure password widget

Create secure storage module

Added by Luke Murphey almost 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Start date:
06/22/2017
Due date:
% Done:

100%

History

#1 Updated by Luke Murphey almost 7 years ago

  • Status changed from New to In Progress

#2 Updated by Luke Murphey almost 7 years ago

  • % Done changed from 0 to 70

I have a module that works but has some more work needed:

  1. Need to verify that the cleartext password is being removed
  2. Need to make sure that the correct entry is being loaded (since multiple entries with the same realm can be created)

I could still store the username in the conf file and keep the realm as the unique identifier.

#3 Updated by Luke Murphey over 6 years ago

I need to make sure that I can figure out which entry is the correct one to load. My options are:

  1. Store username in the conf, only use realm to identify the password
  2. Delete all related entries before creating a new one
  3. Store stanza name in conf

#4 Updated by Luke Murphey over 6 years ago

Storing the username in conf is the approach I am using because:

  1. Secure storage requires a password, thus just storing a username isn't possible
  2. Changing the username means the stanza name changes too for secure storage making the entry hard to find

#5 Updated by Luke Murphey over 6 years ago

The password field won't clear and thus isn't removing the password from the conf file.

Observations:
  1. Removing the clear creds function doesn't help

#6 Updated by Luke Murphey over 6 years ago

To test:
  1. Existing cleartext password is loaded
  2. Upon save, the cleartext password is removed
  3. If the password or username is cleared, existing secure credentials are removed
  4. Stanza name for password is properly created on creation and editing

#7 Updated by Luke Murphey over 6 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 70 to 100

Also available in: Atom PDF