encryption has nothing to do with password?

From: Weiwu Zhang <zhangweiwu realss com>
To: seahorse-list gnome org
Subject: encryption has nothing to do with password?
Date: Sat, 15 Nov 2014 08:10:45 +1000

For years I thought login keyring is encrypted with login password.

Yesterday a friend took my old harddisk and mounted /home on his PC,
and configured a new user with same username with a simple password
"123456", and login. He can see all my files (expected) and have
access to my seahorse stored passwords (surprise).

It's a bit surprise to me. It means one can access my password
database without knowing my password. I often backup my gnome-keyring
without further enrypting it and I back up to the Internet. I may have
leaked many passwords already.

Now how to create a keyring that is related to my passwords? And
better still, to apply this to the login keyring so I don't have to
move all passwords to the new password-protected keyring?

Thanks.
Best.

Follow-Ups:
- Re: encryption has nothing to do with password?
  - From: Jim Campbell
- Re: encryption has nothing to do with password?
  - From: Stef Walter

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]