Keyrings cryptographically secure your password in a way that would generally be more secure (although not perfect). It would require a master password, shared amongst all the applications on your computer, to get at your passwords. Pidgin 2.x.y does not support storing passwords in keyrings; currently you must either store passwords unencrypted or not at all (why? see PlainTextPasswords). However, 3.0.0 will support this feature. == Status == This is being actively worked on by Tomasz Wasilczyk in the soc.2008.masterpassword branch of hxxps://hg.pidgin.im/cpw/tomkiewicz/masterpassword. The code has not been merged into the main development tree yet, but it's ready for a review. This code initially came from a Google Summer of Code [wiki:GSoC2008/MasterPassword project] in 2008. == Related tickets == * #673 * [hxxps://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/75850 Launchpad bug #75850] == Specific keyrings == === Internal keyring === Status: implemented It works in two modes: cleartext (passwords are stored unencrypted, as before) and using encryption with a master key. User needs to provide a master password once per every Pidgin startup. It uses AES-256 for encryption and PBKDF2-SHA256 for key derivation. === GNOME Keyring and KWallet === Status: implemented These are the GNOME and KDE specific keyrings, where user needs to provide a master password once (depending on configuration) per system startup. === Freedesktop Secret Service API === Status: partially implemented, not integrated It's intended to provide a standard interface for Linux apps to store passwords and similar stuff. Pidgin connects to the [hxxp://standards.freedesktop.org/secret-service/ Secret Service] DBus API to store and retrieve passwords. There are several libraries to do this, including [hxxps://live.gnome.org/Libsecret libsecret] and [hxxps://pypi.python.org/pypi/keyring python-keyring]. === Windows credential manager === Status: implemented This keyring encrypts passwords using Windows user account data. Its security depends on system configuration - encryption does nothing, if user’s account isn’t even protected with password. === KeePass === Status: not implemented Cross-platform, open-source password manager. Integrating [hxxp://keepass.info/ KeePass] with Pidgin would involve either [hxxp://keepass.info/help/v2/plugins.html writing a KeePass plug-in], or using one of the existing plugins that facilitate communicating with other apps. See for example [hxxp://keefox.org/ KeeFox] (KeePass–Firefox bridge), which includes the [hxxp://keefox.org/2010/12/02/keepassrpc-plugin-technical-overview/ KeePassRPC plugin]. === Mac OS Keychain === Status: not implemented This is [hxxps://en.wikipedia.org/wiki/Keychain_%28Mac_OS%29 Mac OS specific keyring]. Here is [hxxps://developer.apple.com/library/mac/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html Apple's developer documentation] for it.