[swift-users] Storing passwords in plaintext
Kevin Smith
kevin.smith at isode.com
Wed Feb 3 10:14:11 UTC 2016
Hi Andrew,
On 25 Jan 2016, at 18:20, Andrew Martin <amartin at xes-inc.com> wrote:
> I recently discovered Swift and very excited about using it as it seems to be a
> mature, feature-rich XMPP client. However, I am concerned about the "save
> password" checkbox, as it appears that it saves your password in plaintext in
> ~/.config/Swift/Swift.conf. I would expect it ton utilize the built-in OS
> password-management system (e.g. KWallet on KDE or Windows Credential Manager)
> rather than storing the password in plaintext. Does Swift support the ability
> to safely store passwords, or can the "store password" functionality be
> disabled entirely?
Swift doesn’t support system keychains at the moment, but disabling password saving can be achieved by dropping a system-settings.xml alongside the swift binary with contents like, which will enable a mode where credentials are forgotten as soon as you log in (they’re also not stored in memory inside any of the Swift controllers or library)
<settings>
<forgetPassword>true</forgetPassword>
</settings>
Hope that helps.
/K
More information about the swift-users
mailing list