Thursday, April 1, 2010

Fact: Pidgin Stores Passwords in Plain Text

I learned recently that my favorite open-source, multi-protocol instant messenger client stores my passwords in plain text. Yeah, that's right! Once another user gets hold of your machine and types "%appdata%\.purple\accounts.xml" in the Run or search box, say goodbye to your privacy. The XML file where Pidgin stores your passwords is not encrypted and can be opened as plain text using your favorite text editor, as shown below.
What were they (Pidgin developers) thinking? Read here

I therefore conclude that the best way to secure your password is not to allow your IM client to store your passwords.
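
A quick way to check your own profile for this, added here as an example and not code from this post or from the Pidgin project: it lists which accounts in accounts.xml have a saved password, without printing the password itself. The element names and the `~/.purple` location on non-Windows systems are assumptions based on the layout libpurple writes, and the sample XML is constructed.

```python
import os
import stat
import sys
import xml.etree.ElementTree as ET
from pathlib import Path

# Constructed sample in the layout libpurple writes (assumed, not copied from
# the post): a root <account> wrapping one <account> element per login.
SAMPLE = """<?xml version='1.0' encoding='UTF-8' ?>
<account version='1.0'>
 <account>
  <protocol>prpl-jabber</protocol>
  <name>alice@example.org/</name>
  <password>constructed-not-real</password>
 </account>
 <account>
  <protocol>prpl-irc</protocol>
  <name>alice@irc.example.org</name>
 </account>
</account>
"""

def default_path():
    """%appdata%\\.purple\\accounts.xml on Windows, ~/.purple/accounts.xml elsewhere."""
    base = Path(os.environ["APPDATA"]) if os.name == "nt" and "APPDATA" in os.environ else Path.home()
    return base / ".purple" / "accounts.xml"

def accounts_with_saved_password(xml_text):
    """Return (protocol, name) for each account with a non-empty <password>.
    The password value itself is never returned or printed."""
    root = ET.fromstring(xml_text)
    found = []
    for acct in root.iter("account"):
        pw = acct.findtext("password")  # direct child only, so the root is skipped
        if pw and pw.strip():
            found.append((acct.findtext("protocol", "?"), acct.findtext("name", "?")))
    return found

def readable_by_others(path):
    """POSIX only: True if group or other users have read permission on the file."""
    return bool(os.stat(path).st_mode & (stat.S_IRGRP | stat.S_IROTH))

if __name__ == "__main__":
    path = Path(sys.argv[1]) if len(sys.argv) > 1 else default_path()
    text = path.read_text(encoding="utf-8") if path.exists() else SAMPLE
    for proto, name in accounts_with_saved_password(text):
        print(f"saved password: {proto} {name}")
    if path.exists() and os.name != "nt" and readable_by_others(path):
        print(f"{path} is readable by other local users; chmod 600 it")
```

Any account it lists is one where the "remember password" option should be turned off, which is the fix the post arrives at.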

3 comments:

  1. Nice blog!! Not good news though :P You should try and fix this.. it's open source..

  2. Hmm, I'm surprised at this piece of info!!!
    So how can we fix it?

  3. Just read through the link, i.e. http://developer.pidgin.im/wiki/PlainTextPasswords. We can understand why they (the developers) have done so. Yup, let's try to fix it together.
