mIRC Home    About    Download    Register    News    Help

Print Thread
Encrypted server passwords #211238 08/04/09 07:31 PM
Joined: Apr 2006
Posts: 7
E
EneergE Offline OP
Nutrimatic drinks dispenser
OP Offline
Nutrimatic drinks dispenser
E
Joined: Apr 2006
Posts: 7
With the ability to connect to servers using SSL, I think it is now a good idea to also include the ability to encrypt server passwords in the servers.ini file.

Currently, all the passwords are stored in plaintext in the servers.ini file. I think there should be some sort of secure encryption method ran on the password before it's stored.

Re: Encrypted server passwords [Re: EneergE] #211239 08/04/09 08:54 PM
Joined: Apr 2004
Posts: 852
Sat Offline
Hoopy frood
Offline
Hoopy frood
Joined: Apr 2004
Posts: 852
Exactly which attack scenario would this address? Remember that mIRC would need the matching decryption key to be able to actually use the passwords in servers.ini later, meaning that that decryption key would have to be stored locally as well. Not unlike locking your front door and then putting the key under the door mat.


Saturn, QuakeNet staff
Re: Encrypted server passwords [Re: Sat] #211586 23/04/09 08:32 PM
Joined: Apr 2006
Posts: 7
E
EneergE Offline OP
Nutrimatic drinks dispenser
OP Offline
Nutrimatic drinks dispenser
E
Joined: Apr 2006
Posts: 7
Well, typically, it would address the issue that anybody could open an ini file and see a password there in plaintext. However, I guess it is actually a better idea to just not save the passwords, because running an md5 on it or something similar really isn't going to help much for someone who wants the information. smile

I'll make some sort of dialog asking for the password, I guess.

Re: Encrypted server passwords [Re: EneergE] #211589 23/04/09 09:49 PM
Joined: Dec 2002
Posts: 2,962
S
starbucks_mafia Offline
Hoopy frood
Offline
Hoopy frood
S
Joined: Dec 2002
Posts: 2,962
If you're using a non-Starter/Home version of XP or Vista you can simply encrypt your home directory (or just mIRC's settings directory) using Windows' built-in NTFS encryption layer which works transparently from mIRC's point-of-view.

Last edited by starbucks_mafia; 23/04/09 09:53 PM.

Spelling mistakes, grammatical errors, and stupid comments are intentional.