‘Application Data’ passwords

If you’re running Windows XP or Vista have a look in
C:Documents and SettingsusernameApplication Data
***you may need to show hidden files/folders

This is a warning if you have applications store or remember your username and especially password.  These applications may very well be storing them in plain text and it would be easy for someone to steal your credentials.  Instant messenger applications, games, FTP clients, etc…

save_passwd

The pidgin IM client (formely gaim) has an interesting article about why they do not encrypt their passwords: http://developer.pidgin.im/wiki/PlainTextPasswords


Google for im passwords: http://tinyurl.com/8fnc9t

It’s a bad idea to have any application remember your password!  If you don’t like to remember your passwords then try KeePass or the original Password Safe.

One thought on “‘Application Data’ passwords”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s