Version 6 (modified by 11 years ago) (diff) | ,
---|
Keyrings cryptographically secure your password in a way that would generally be more secure (although not perfect). It would require a master password, shared amongst all the applications on your computer, to get at your passwords.
Pidgin 2.x.y does not support storing passwords in keyrings; currently you must either store passwords unencrypted or not at all (why? see PlainTextPasswords). However, 3.0.0 will support this feature.
Status
This is being actively worked on by Tomasz Wasilczyk in the soc.2008.masterpassword branch of https://hg.pidgin.im/cpw/tomkiewicz/masterpassword. The code has not been merged into the main development tree yet, but it's ready for a review.
This code initially came from a Google Summer of Code project in 2008.
Related tickets
Specific keyrings
Internal keyring
Status: implemented
It works in two modes: cleartext (passwords are stored unencrypted, as before) and using encryption with a master key. User needs to provide a master password once per every Pidgin startup. It uses AES-256 for encryption and PBKDF2-SHA256 for key derivation.
GNOME Keyring and KWallet
Status: implemented
These are the GNOME and KDE specific keyrings, where user needs to provide a master password once (depending on configuration) per system startup.
Freedesktop Secret Service API
Status: partially implemented, not integrated
It's intended to provide a standard interface for Linux apps to store passwords and similar stuff.
Pidgin connects to the Secret Service DBus API to store and retrieve passwords. There are several libraries to do this, including libsecret and python-keyring.
Windows credential manager
Status: implemented
This keyring encrypts passwords using Windows user account data. Its security depends on system configuration - encryption does nothing, if user’s account isn’t even protected with password.
KeePass
Status: not implemented
Cross-platform, open-source password manager.
Integrating KeePass with Pidgin would involve either writing a KeePass plug-in, or using one of the existing plugins that facilitate communicating with other apps. See for example KeeFox (KeePass–Firefox bridge), which includes the KeePassRPC plugin.
Mac OS Keychain
Status: not implemented
This is Mac OS specific keyring. Here is Apple's developer documentation for it.