1997-02-18 - Interesting question: how to safely keep passwords online

Header Data

From: Ed.Falk@Eng.Sun.COM (Ed Falk)
To: cypherpunks@toad.com
Message Hash: 8941e0a38503557111c597026bc523a0f430a67440395e967292daff3c92a37c
Message ID: <199702181940.LAA24732@peregrine.eng.sun.com>
Reply To: N/A
UTC Datetime: 1997-02-18 19:41:34 UTC
Raw Date: Tue, 18 Feb 1997 11:41:34 -0800 (PST)

Raw message

From: Ed.Falk@Eng.Sun.COM (Ed Falk)
Date: Tue, 18 Feb 1997 11:41:34 -0800 (PST)
To: cypherpunks@toad.com
Subject: Interesting question: how to safely keep passwords online
Message-ID: <199702181940.LAA24732@peregrine.eng.sun.com>
MIME-Version: 1.0
Content-Type: text/plain



Here's a question that's been on my mind lately:  Often, you like
to keep external passwords stored on your personal computer.  As a quick
example, Eudora will remember your POP password for you so you don't
have to enter it every time.  Obviously, Eudora keeps this on disk
somewhere.

The question is: is there any (relatively) safe way to do this?  Obviously,
Eudora encrypt the saved password with some secret key, but this key could
probably be found by examining the code.  A slight improvement would
be for Eudora to generate an encryption key on the fly based on some
external system state, but this is also susceptible to reverse-engineering.

	-ed falk





Thread