‘Application Data’ passwords

Posted on 23-Jan-2009 by .

If you’re running Windows XP or Vista have a look in
C:\Documents and Settings\username\Application Data
***you may need to show hidden files/folders

This is a warning if you have applications store or remember your username and especially password.  These applications may very well be storing them in plain text and it would be easy for someone to steal your credentials.  Instant messenger applications, games, FTP clients, etc…

save_passwd

The pidgin IM client (formely gaim) has an interesting article about why they do not encrypt their passwords: http://developer.pidgin.im/wiki/PlainTextPasswords


Google for im passwords: http://tinyurl.com/8fnc9t

It’s a bad idea to have any application remember your password!  If you don’t like to remember your passwords then try KeePass or the original Password Safe.

This entry was posted in microsoft, news. Bookmark the permalink.

One Response to ‘Application Data’ passwords

  1. Pingback: LastPass: My new favorite password manager « System7

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>