encryption has nothing to do with password?



For years I thought login keyring is encrypted with login password.

Yesterday a friend took my old harddisk and mounted /home on his PC,
and configured a new user with same username with a simple password
"123456", and login. He can see all my files (expected) and have
access to my seahorse stored passwords (surprise).

It's a bit surprise to me. It means one can access my password
database without knowing my password. I often backup my gnome-keyring
without further enrypting it and I back up to the Internet. I may have
leaked many passwords already.

Now how to create a keyring that is related to my passwords? And
better still, to apply this to the login keyring so I don't have to
move all passwords to the new password-protected keyring?

Thanks.
Best.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]