Re: GNOME keyring unlocking

On Thu, 2013-10-10 at 13:13 +0300, p10 wrote:
if you're going to enter your password after 5 seconds anyway, which
makes this feature incompatible with "Online accounts" .

My solution is to use two keyrings. I have a passwordless keyring for IM
and other stuff that is accessed immediately on auto-login.
        Then I have a protected keyring that stores the passwords for
Evolution, encrypted folders and other things I want to keep secure.
        This means I only need to enter the password when I open Evolution or
something protected, and not immediately everytime I turn the machine
on. Which also means I can give it to a friend and let them browse the
internet or whatever without worrying about them accessing private data.

You seem to be under the impression that auto-login should in some way
be just as secure, without any form of authentication. If you don't need
to enter a password, then it doesn't matter what technical wizardry you
use to unlock the keyring, all someone needs to do is turn your computer
on, and they have full access to your stuff.
        You must either choose to have your data protected or unprotected.
Using the two keyring mechanism, like me, you can choose that on a more
fine-grained level, rather than having to make everything unprotected

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]