I am a bit confused now al that talk about a Master password? Yes, and as above people said, all your mentioned tools have easily readable passwords. To encrypt something, you need to have a decryption key. How would you decrypt them then? This applies to any program, where you have any data that needs to be encrypted. You can't encrypt the passwords without a master password. In this case I prefer the option as used by winbox as now you are aware of the risk and in case of thunderbird you are not. Of time until the bad guys find out how that is done and replicate it. It always has to be like this because the program itself has to be able to retrieve the plain password and it is only a matter You think you are safe because you cannotĭo it using notepad, but the hacker who has stolen your file knows how to do it! Except when you used a master password. Tools are available to get it from the file when the file has been stolen. You may think that your password is safe in thunderbird when you are not using a master password, but IT IS NOT!! Programs like thunderbird can use option 1 or 2, programs like winbox use option 1 or 3. The client cannot do that, it has to store the password itself as it needs that later to be sent to the server.ġ - encrypted by a master password that can be used to decrypt it once requiredĢ - obfuscated (stored encrypted by a fixed password or algorithm) The server can store a hashed password that cannot be reversed except by brute force. You clearly have no understanding of the situation.įirst, there is a big difference between the storage of passwords on a server (where they are used to authenticate the user) and on a client (where they are stored for convenience to the user). Oh, and you can read the passwords of thunderbird or firefox JUST FINE. Your are using ICQ!) that is afraid to use winbox, then please, by all means, do not use it. If you are such a power user (you must be. I have drawn my conclusions.Īnd if the manufacturer does not want to do anything - there are a lot of other manufacturers, more competent.īut who will return the money (and the damage after hacking)? Mikrotik equipment is not cheapest.ĭo not fool me. So why expose people to danger?įirst of all, the manufacturer should take minimum efforts to protect customers. If you can not steal files from someone else's computer - it doesn't mean that no one can. In any program, such as Skype, ICQ, What's up, Thundebird etc (you know about the existence of such programs?), Passwords can not be read, even if they are saved. I just said about the manufacturer's oversight, and you're proving to me that everything is perfectly well thought out. I have never seen people that you say "You have shit on pants" and he said "they are new and clean."
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |