Marcelo Magno T. Sales wrote: >> Some kind soul pointed out that one could get rid >> of the demand by NM for a keyring password >> by deleting .gnome2/keyrings/default.keyring >> and then giving an empty password when requested. >> >> But that made me wonder what possible point >> the keyring password could have? >> Is it intended as some kind of security device? >> As far as I can see, you have to be logged in to run NM, >> and if you are logged in you can delete this file. >> >> I might say the same about the KDE wallet system. >> How does this make one's part of the system more secure, >> since it is open to you to change the wallet password, >> or even to make it empty? > > Don't know about gnome keyring, but in KWallet you can change a wallet's > password only if you know the previous one. If you delete the default > wallet you can choose whatever password you like when it's recreated, of > course. But if you do delete one of the wallets, then you loose all > passwords stored in it, so I would say they are indeed protected. > There's no way of recovering the passwords stored in a wallet without > knowing the wallet's password. > I believe gnome keyring behaves the same way. ... > The purpose of wallets and keyrings is to make your life easier by > having to remember just one password, the one that opens your wallet. > All the others can be securely stored in the wallet. However, if you > loose the wallet's password, then you loose all passwords stored in it. Thanks, I guess that makes quite a lot of sense. Actually, I use the same password for everything, as my great fear is I will forget some password and never be able to use kmail or whatever again. So the KDE wallet system is not really much use for me. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
