How do programs store saved passwords?

2

On the internet it is common to have the "remember password" in the login fields. I know this is done by application developers, but how does google chrome store a saved password? Since most applications were not designed to have gender integration with the browser (as far as I know).

Does it simply save a "plain text" password?

    
asked by anonymous 25.09.2014 / 21:40

2 answers

1

When authentication to an external system is done by password, this password matches the access credential to that system - that is, to authenticate with it, you need to present that password in your original format. For this reason, whatever medium the program uses to store this password, this process must necessarily be reversible (ie it must be possible to obtain the original password from whatever has been stored on disk).

The problem is: how to protect this password? You can not do it because the hashes are not reversible. You could encrypt it, but where to store the key? If the key is in a file next to the encrypted password, this is the same as locking your door and leaving the key in the lock ... You could also save this key in an external storage, and ask the user to insert it every time he wanted to use the saved password, but what is the advantage of memorizing the password? It saves it on the external device at one time ... In the same way, if you encrypt the saved password with another password, you avoid having to enter a password but then have to type another one, the advantage? ...

(I speak from a user's point of view, of course - you can have advantages in using a "master password" that unlocks access to all your saved passwords, eg give this option Or you can use a < but usually only those who are most concerned about security do this, the average user only wants not to. have to type the password and that's it!)

Because of this, most programs that store passwords from other services (and in this case, help the discussion not refer to them as "passwords", but rather as

25.09.2014 / 23:18
0

The sites use cookies which is a text file whose main function is to store user preferences on all websites. When you search for a product on a particular site and it appears on your screen when you browse other pages, it was the cookie who reported it to the system. It is the cookie who says that you are you and that you wanted that product.

In the case of passwords the browsers use the cache memory is a temporary storage on the hard disk of web pages, images and other documents and files using caching techniques to reduce the use of available bandwidth, increase the speed of access, between other advantages.

Based on this concept, browsers, when accessing a site, keep a copy of the files used by it on the hard disk; it can be used to mount the page instead of traversing the entire original file over the entire Internet to your computer again.

You can download the ChromePass tool. It's free to display saved passwords in the Google Chrome browser. The best thing about this free tool is even allows you to export these passwords into a file in HTML, XML format.

    
25.09.2014 / 22:04