[Feature Request] Use the operating systems credential manager #740
Comments
The actual Windows API in question: https://learn.microsoft.com/en-us/windows/win32/api/wincred/
I do agree with this, this should be protected in some form. For our use case though, I don't think we'd need to interface with Win32 directly; dotnet provides a nice abstraction layer: https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.protecteddata?view=dotnet-plat-ext-8.0 We should also ensure the implementation works on Linux/under Wine.
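As an added illustration of the ProtectedData route suggested above (this is example code written for this thread, not VRCX project code, and it is not the Credential Manager approach the issue title asks for), the following C# wraps DPAPI with `DataProtectionScope.CurrentUser` and application entropy. The class and method names, the entropy string and the idea that the caller stores the returned blob in the SQLite column are all assumptions for the example; it targets .NET 6+ with the `System.Security.Cryptography.ProtectedData` package.

```csharp
// Added example, not VRCX code. Assumes .NET 6+ and the
// System.Security.Cryptography.ProtectedData package (Windows-only API).
using System;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
using System.Text;

public static class PasswordVault   // hypothetical name
{
    // Optional entropy ties the blob to this application. It ships with the
    // binary, so it is NOT a secret: it stops other DPAPI-aware tools from
    // decrypting the blob by accident, not a process running as the same user.
    private static readonly byte[] AppEntropy =
        Encoding.UTF8.GetBytes("example-app-entropy-v1"); // assumed value

    // Returns an opaque blob that only this Windows user account can unprotect.
    public static byte[] Protect(string password)
    {
        if (!RuntimeInformation.IsOSPlatform(OSPlatform.Windows))
            throw new PlatformNotSupportedException(
                "DPAPI is Windows-only; use a platform keyring backend elsewhere.");

        byte[] plain = Encoding.UTF8.GetBytes(password);
        try
        {
            return ProtectedData.Protect(plain, AppEntropy, DataProtectionScope.CurrentUser);
        }
        finally
        {
            CryptographicOperations.ZeroMemory(plain); // do not leave the cleartext in the heap
        }
    }

    // Reverses Protect. Throws CryptographicException if the blob was made by
    // another user account or with different entropy, and
    // PlatformNotSupportedException on non-Windows.
    public static string Unprotect(byte[] blob)
    {
        byte[] plain = ProtectedData.Unprotect(blob, AppEntropy, DataProtectionScope.CurrentUser);
        try
        {
            return Encoding.UTF8.GetString(plain);
        }
        finally
        {
            CryptographicOperations.ZeroMemory(plain);
        }
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample input, not a real credential.
        byte[] blob = PasswordVault.Protect("correct horse battery staple");
        string column = Convert.ToBase64String(blob); // what would go in the SQLite row
        Console.WriteLine($"stored: {column}");
        Console.WriteLine($"round trip ok: {PasswordVault.Unprotect(blob) == "correct horse battery staple"}");
    }
}
```

Storing the Base64 blob instead of the cleartext covers the case where a user hands their database file to someone for troubleshooting, and the case of a different local account reading the file, because the blob is bound to the Windows user profile. It does not defend against malware already running as that user: any such process can call `CryptUnprotectData` itself, and the entropy constant is recoverable from the binary. On Linux the `ProtectedData` calls throw `PlatformNotSupportedException`, so that path needs a separate backend, and behaviour under Wine has to be tested rather than assumed.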
According to https://security.stackexchange.com/questions/119765
Redacted brought up how easy it is to dump DPAPI in DMs, it alone* is probably not the solution we're looking for here.
Just to re-iterate issues brought up:
The following suggestion was brought up which seems most viable:
In a perfect world, you would be storing the login token or something in there instead. I'm assuming you guys have a good reason to save the password and not some kind of login token you can renew.
VRChat currently does not supply a renewable login token. Once a token expires that's that, only a user/pass can make a new one afaik.
It's only been 5 years, it will happen soon, don't worry: https://feedback.vrchat.com/feature-requests/p/provide-an-authenticationauthorization-model-for-third-party-api-integrations
May I have a commit or PR for when this got resolved?
@Natsumi-sama I request this issue to be reopened. A quick browse into the SQLite database reveals the password is not encrypted by default, or that the OS creds manager is used in any way. This issue has not been resolved.
@VasilisThePikachu
A solution was brought up in here to generate a random private key to store and use that to encrypt the password. It's also as bad to store the key in plain text. It was also not explained to me why the issue was closed, even after I asked for a commit with a fix or at least an explanation on why it was closed.
Explain in detail what your suggested feature would be used for.
https://support.microsoft.com/en-us/windows/accessing-credential-manager-1b5c916a-6a16-889f-8581-fc16e8165ac0
I don't need a security expert to explain that saving the user password in plain text is a terrible idea. You never know when the user may get their password leaked out because they had a credential grabber on their operating system, or if someone sends their database file to someone thinking they are getting troubleshooting.
The easiest fix for this is using the operating system's credential manager.
Describe how it would look if it requires a UI.
Remove the "encrypt password" tick in advanced settings, and use this by default, ALWAYS.
Explain why people would want to use it.
Storing passwords in plain text is bad. Also, you don't have a security section, so here I am.