You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 7, 2021. It is now read-only.
It seems that every node process can retrieve passwords stored by keytar by our process.
This is a limitation that is described in the keytarbug, and it seems to be a security weakness that software generally does not want to take responsibility for (Chrome, for example).
I think we should keep all passwords secure with a user password.
For example, use the user password as an encryption key.
The text was updated successfully, but these errors were encountered:
It seems that every
node
process can retrieve passwords stored bykeytar
by our process.This is a limitation that is described in the
keytar
bug, and it seems to be a security weakness that software generally does not want to take responsibility for (Chrome, for example).I think we should keep all passwords secure with a user password.
For example, use the user password as an encryption key.
The text was updated successfully, but these errors were encountered: