On Tue, 2009-09-22 at 13:17 +0100, Zhu, Yongsheng wrote: > I prefer to 'not showing password' when printing config for the > purpose of password protection. Password exposure could > increase the risk of information security. I think typically users > don't often want to see passwords.
Well, I have the situation right now where I'd love to see a password in another app on Windows. The app has the password, I don't remember what it is, and the app is not offering me an option to show it to me. Okay, so for the sake of consistency (other apps hide the real password, so does our own GUI) I agree that we can keep it like it is right now. > If necessary to show password, I think we could provide another option > to force showing password in the command line. Let's wait for user feedback. > To limit abuse, maybe we could need users to input their passwords for > current Linux(or other systems) login user. Once the user is logged in and the keyring is unlocked, the user has access to the passwords. Asking for the user password again isn't going to secure the data, it just makes our own app harder to use. -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ SyncEvolution mailing list [email protected] http://lists.syncevolution.org/listinfo/syncevolution
