• lemmyvore@feddit.nl
    4 months ago

    You. Don’t. Store. Secrets. In. Plaintext.

    SSH stores the secret keys in plaintext too. In a home dir accessible only by the owning user.

    I won’t speak about Windows, but on Linux and other Unix systems the presumption is that if your home dir is compromised you’re fucked anyway. Effort should be spent on actually protecting access to the home personal files, not on security theater.

      • dave@programming.dev
        4 months ago

        Well yes, but also how would users react if they had to type in their passphrase every time they open the app? This is also exactly what we’re giving up everywhere else by clicking ‘remember this device’.