Timeline for Open source desktop application and security
Current License: CC BY-SA 3.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 5, 2018 at 7:38 | comment | added | Neil | @zimath Well honestly I don't know how PgAdmin works personally. Generally you'd only save a hash of a password so that you could never figure out the password from its hash, then send the hash to the server not the actual password. Though for a database, maybe you'd have to use two-way encryption, which means you could in theory determine the password if you knew how the program worked. Though we're also talking about a user to the database with its own permissions and limitations. The harm is only as bad as the level of permissions of the user. It isn't user/password to server itself. | |
| Mar 3, 2018 at 21:09 | comment | added | Mathieu THEBAUD | I have another example to ask : when I use a software like "PgAdmin" (database client), I have an option when I'm connecting to my database to "Save my password". Is this "Save my password" option using this kind of solution ? I suppose (and hope!) that PgAdmin doesn't store my DB password in a clear text file on my computer. I'm having trouble exactly understanding how this work in this kind of situation. | |
| Mar 3, 2018 at 13:00 | vote | accept | Mathieu THEBAUD | ||
| Mar 2, 2018 at 11:26 | history | edited | Neil | CC BY-SA 3.0 |
added 911 characters in body
|
| Mar 2, 2018 at 11:20 | history | answered | Neil | CC BY-SA 3.0 |