veracrypt / VeraCrypt

Disk encryption with strong security based on TrueCrypt
https://www.veracrypt.fr

PIM is exposed during command-line mode input #769

Open nemoinis opened 3 years ago

nemoinis commented 3 years ago

(this is transferred from SourceForge Veracrypt Ticket #421)

VeraCrypt's GUI hides the PIM number (if used) during input; VeraCrypt's documentation warns about passing the PIM as a command-line option: "Note that passing a PIM on the command line is potentially insecure as the PIM may be visible in the process list (see ps(1)) and/or stored in a command history file or system logs"

However, veracrypt's command-line mode with the --text option echoes the PIM number as it is typed in the terminal (whereas the password is properly hidden during input).

This is Veracrypt 1.24Update7 on Debian/Ubuntu.
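
The behaviour reported above, reproduced on a Linux pseudo-terminal as an added example (not VeraCrypt code and not part of the original report): with the terminal's ECHO flag left on, the typed value is written back to the screen, and clearing ECHO for the duration of the prompt hides it. The helper names `echo_disabled`, `read_line` and `prompt_on_pty` and the sample value `485` are constructed for illustration.

```python
import os
import pty
import select
import termios
from contextlib import contextmanager

@contextmanager
def echo_disabled(fd):
    """Clear ECHO on the terminal behind fd; always restore the saved settings."""
    saved = termios.tcgetattr(fd)
    quiet = termios.tcgetattr(fd)
    quiet[3] &= ~termios.ECHO                 # index 3 is c_lflag
    termios.tcsetattr(fd, termios.TCSAFLUSH, quiet)
    try:
        yield
    finally:
        termios.tcsetattr(fd, termios.TCSAFLUSH, saved)

def read_line(fd):
    """Read one canonical-mode line from the terminal, newline stripped."""
    data = b""
    while not data.endswith(b"\n"):
        chunk = os.read(fd, 1024)
        if not chunk:
            break
        data += chunk
    return data.rstrip(b"\r\n").decode()

def prompt_on_pty(typed, hide):
    """Type `typed` at a prompt on a fresh pty; return (value read, bytes shown)."""
    master, slave = pty.openpty()             # master = the user's keyboard and screen
    try:
        def ask():
            os.write(master, typed + b"\n")   # simulated keystrokes
            return read_line(slave)
        if hide:
            with echo_disabled(slave):
                value = ask()
        else:
            value = ask()
        ready, _, _ = select.select([master], [], [], 0.5)
        shown = os.read(master, 1024) if ready else b""
        return value, shown
    finally:
        os.close(master)
        os.close(slave)

if __name__ == "__main__":
    SAMPLE_PIM = b"485"                       # constructed value, not a real PIM
    print("echo on :", prompt_on_pty(SAMPLE_PIM, hide=False))
    print("echo off:", prompt_on_pty(SAMPLE_PIM, hide=True))
```

The same pty harness can serve as a regression check for any prompt that reads a secret: the bytes returned as `shown` must not contain the typed value.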

mrx23dot commented 2 years ago

Keyring is a good way to store secrets in OS-s. https://stackoverflow.com/questions/14756352/how-is-python-keyring-implemented-on-windows

nemoinis commented 2 years ago

> Keyring is a good way to store secrets in OS-s. https://stackoverflow.com/questions/14756352/how-is-python-keyring-implemented-on-windows

What does this have to do with my bug report? I'm reporting a specific issue with VC on Linux, not inquiring about other software on other operating systems.