One Hundred Paper Cuts -- the first ten

Steven Harms thisdyingdream at
Fri Jun 19 16:20:13 BST 2009

Can someone clarify for me the different between Firefox (our default
browser) storing passwords in clear text, and why that is acceptable,
but storing it clear text for network manager is unacceptable?


Steven Harms

On Fri, Jun 19, 2009 at 11:03 AM, Niels Egberts<niels.egberts at> wrote:
>> This is exactly what already happens, Network Manager saves the network
>> passphrase for future use.
>> The problem is that the keyring *into which* it saves that password is
>> encrypted with your login password as a key.
>> If you use auto-login, your *keyring* is not yet open.
>> The passphrase you have to enter is not the network passphrase, it is
>> your login password - needed to decrypt your keyring.
>> Otherwise all the saved passwords and passphrases would be trivially
>> readable :-(
> Why not let the user decide if the network-passphrase will be stored
> encrypted or not? I am not afraid that my passphrase will be stolen,
> and if it is, they already have access to my whole computer.
> --
> ubuntu-devel mailing list
> ubuntu-devel at
> Modify settings or unsubscribe at:

GPG Key ID: C92EF367 / 1428 FE8E 1E07 DDA8 EFD7 195F DCCD F5B3 C92E F367

More information about the ubuntu-devel mailing list