Opened 5 years ago

Last modified 2 years ago

#4710 new defect

Save passwords in OS keyring

Reported by: rugk Owned by:
Priority: If Time Permits Milestone: Backlog
Component: Multiplayer lobby Keywords: security
Cc: Patch:

Description (last modified by Stan`)

This is really a low-priority idea, but IMHO it is a nice idea for a FLOSS project. Maybe something for contributors…

Currently you save the password in the config file of 0ad. It is hashed, that is good. However, it can be imroved by using a well-known mechanism for storing password, whcih (nearly) each OS has: Keyrings or Keychains.

So using well-proven/standard techniques you can store the password in the keyrings of KDE/Gnome or Max OS. All, of course, offer APIs for that, but they are likely very different. So maybe it is a long-term goal, but as 0ad is an open-source project I could imagine this being a tiny thing, which can set it apart from the competition, which likely do all crazy things with passwords instead of using the proper™ way… :rolleyes:

BTW, there are even ways to use this on Windows[1][2], but probably that is kind of difficult, so IMHO the focus should be on the Linux/MacOSD implementation if anybody is interested in this.

[1] https://msdn.microsoft.com/en-us/library/aa374731(v=VS.85).aspx#credentials_management_functions

[2] https://stackoverflow.com/questions/442923/windows-equivalent-of-os-x-keychain

[3] https://stackoverflow.com/questions/9221245/how-do-i-store-and-retrieve-credentials-from-the-windows-vault-credential-manage

Change History (1)

comment:1 by Stan`, 2 years ago

Description: modified (diff)
Note: See TracTickets for help on using tickets.