Extra security layer for the protection of passwords
Submitted by Kees de Jong
Link to original bug (#666925)
Description
INTRODUCTION: I work at one of the biggest IT firms of the Netherlands. Recently I showed the Gnome 3 desktop to one of my superiors. They found it to be very innovative but they had some feedback which I found valid as well.
Security is one of the most important factors in order to take the Gnome 3 desktop seriously. They were very surprised by the fact that passwords can easily be retrieved via Seahorse. The option "show passwords" kind of freaked them out. They couldn't believe that this was made by design, nor could I. But after some research I found out that this was by design.
I made this bug report to inform you of this. The IT firm I work for will not consider Gnome 3, primarily because of the design of Seahorse. I regret this very much and I hope some action will be taken after you all read this. I'm probably not the only one.
I already read that you guys won't consider an extra password prompt for displaying the passwords in plain text. But a solution like Firefox has for their master password will improve the security a lot! Of course we all have to lock our desktops. If we don't, then someone can indeed install a key logger or create a memory dump where passwords can be exposed. But this shouldn't be a reason to NOT implement such a small security feature which gives more trust to the user. Right now no one needs a key logger or memory dump to retrieve passwords; they just have to open Seahorse if the session isn't locked.
So this begs the question, do you lock your door at night? You shouldn't actually, because your windows can easily be smashed by a rock from your garden. Do you get my point? Of course you lock your door even if your windows can be smashed... Why make it easier for burglars?
TO THE POINT: Seahorse can be a more secure application when Seahorse prompts for the keyring password again to see the passwords in plain text. This security feature can resemble the one in Firefox with the master password. It doesn't hurt to implement this simple extra security layer. There is nothing to lose but much to gain. And the security experts at my firm might consider Gnome 3 if it has a more reliable password management architecture.
Thank you for your time.