Forums Feature Suggestions plain text password %appdata%/mirc

Not sure if this should be in the bug report or the feature request board so if i guessed incorectly i'm sorry.

I was looking around in de mirc folder of %appdata%/mirc
in the servers.ini the pw for the servers is in plain text

and even though this is on a local computer isn't much more secure to encrypt the password instead of saving it in plain text ?

See: https://forums.mirc.com/ubbthreads.php/topics/211238/

My opinion: If I got access to your computer, you got bigger issues.

As others have mentioned, if someone has enough access to your computer to read your servers.ini file, they can probably do anything else, such as install monitoring software. That said, I can understand why you are asking for this.

Most applications store important data, such as passwords, using encryption or obfuscation that can be easily reversed. This usually serves as a minor deterrent to a casual browser but it would not hinder someone who is intentionally looking for the data.

A more secure method would be to request a master password on startup that can then be used as the encryption/decryption key. mIRC already has an Options/Lock dialog with an "on startup" option. I should be able to extend that feature so that the lock password is used as the encryption/decryption key. This has been added to my to-do list.