Trac is being migrated to new services! Issues can be found in our new YouTrack instance and WIKI pages can be found on our website.

Version 8 (modified by Eion Robb, 5 years ago) (diff)

--

Keyrings cryptographically secure your password in a way that would generally be more secure (although not perfect). It would require a master password, shared amongst all the applications on your computer, to get at your passwords.

Pidgin 2.x.y does not support storing passwords in keyrings; currently you must either store passwords unencrypted or not at all (why? see PlainTextPasswords). You may find 3rd party plugins for keyring support at ThirdPartyPlugins#SecurityandPrivacy. However, 3.0.0 will support this feature, built-in.

Status

This code initially came from a Google Summer of Code project in 2008. Then, was rewritten by Tomasz Wasilczyk thanks to Google's interest in improving Pidgin's security.

It's merged and ready to be released with Pidgin 3.0.0.

Related tickets

Specific keyrings

Internal keyring

Status: implemented

It works in two modes: cleartext (passwords are stored unencrypted, as before) and using encryption with a master key. User needs to provide a master password once per every Pidgin startup. It uses AES-256 for encryption and PBKDF2-SHA256 for key derivation.

GNOME Keyring and KWallet

Status: implemented

These are the GNOME and KDE specific keyrings, where user needs to provide a master password once (depending on configuration) per system startup.

Freedesktop Secret Service API

Status: partially implemented, not integrated

It's intended to provide a standard interface for Linux apps to store passwords and similar stuff.

Pidgin connects to the Secret Service DBus API to store and retrieve passwords. There are several libraries to do this, including libsecret and python-keyring.

Windows credential manager

Status: implemented

This keyring encrypts passwords using Windows user account data. Its security depends on system configuration - encryption does nothing, if user’s account isn’t even protected with password.

KeePass

Status: not implemented

Cross-platform, open-source password manager.

Integrating KeePass with Pidgin would involve either writing a KeePass plug-in, or using one of the existing plugins that facilitate communicating with other apps. See for example KeeFox (KeePass–Firefox bridge), which includes the KeePassRPC plugin.

Mac OS Keychain

Status: not implemented

This is Mac OS specific keyring. Here is Apple's developer documentation for it.

All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!