search

seansfkelley / nas-download-manager

An open source browser extension for adding/managing download tasks to your Synology DiskStation.
253 stars 45 forks source link

store DSM credentials encrypted #85

Open ghost opened 6 years ago

ghost commented 6 years ago

maintainer edit

When Firefox or Chrome support an encrypted area accessible by extensions to store credentials, the extension should be updated to use it.

As of this writing, no such encrypted area exists. Please note that only this extension is able to read the area where credentials are stored, and that credentials are never sent anywhere except the protocol/host/port combination set in the settings.

original comment follows

This is a feature request ! Login & Passworld is stored in a symple editable file. It is more then easy to get it with the IP address of the Synology NAS. I guess it is not good -at least- . Could you fix it soon?

Thanks for your effort on this! br C.G

seansfkelley commented 6 years ago

Hey there, I'm not entirely sure what you're asking for. The username and password are stored unencrypted, but in a place where only this extension can access it. To my knowledge, neither Firefox nor Chrome provide a method for extensions to store data securely, though I'd like to use one. Other extensions have the same problem, too.

ghost commented 6 years ago

Hi!

The data is being stored in a simple text file in a public directory. You can open it with any text writer program. The file is not protected. If it is a generic problem, than you should be proud to solve it. At least it is a way to use the windows password repository, or make it suitable to use a password saver like KeePass for example.

The extention itself just great!

Br C. G.

Sean Kelley notifications@github.com ezt írta (időpont: 2018. ápr. 6., Pén 19:06):

Hey there, I'm not entirely sure what you're asking for. The username and password are stored unencrypted, but in a place where only this extension can access it. To my knowledge, neither Firefox nor Chrome provide a method for extensions to store data securely, though I'd like to use one. Other extensions have the same problem, too https://www.download-station-extension.com/faq.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/seansfkelley/synology-download-manager/issues/85#issuecomment-379315850, or mute the thread https://github.com/notifications/unsubscribe-auth/AkXCfSLRP0X5z9tk1bT1-FcEmMnX5_oGks5tl6B2gaJpZM4TJoEr .

seansfkelley commented 6 years ago

I still don't quite understand -- where is this file you're referring to?