You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 12, 2022. It is now read-only.
So passwords are not safe, hashes and such you verify to lock something are not safe. It's not safe, it's a piece of garbage and I've struggled for a long time to understand its usefulness.
Don't persist the user's Bitbucket password -- just ask for it every session.
The text was updated successfully, but these errors were encountered:
michaelsanford
changed the title
Encrypt payload stored in Windows Credential Manager
Encrypt credentials, move storage from Windows Credential Manager to Registry
Feb 14, 2019
michaelsanford
changed the title
Encrypt credentials, move storage from Windows Credential Manager to Registry
Encrypt credentials stored in WCM
Feb 15, 2019
michaelsanford
changed the title
Encrypt credentials stored in WCM
Don't store password (WCM is insecure)
Feb 16, 2019
It turns out the WCM is not even remotely a secure password store.
Don't persist the user's Bitbucket password -- just ask for it every session.
The text was updated successfully, but these errors were encountered: