[sip-comm-dev] Password Storage in trunk


#1

Hi Dmitri,

I'm trying to integrate the gsoc10/passwdstrg branch into trunk. I'm
facing too many issues with with missing license headers, javadocs and
@author, class imports, formatting not in accord with our coding
convention in order to be able to focus on the correctness of the
implementation and its relevance to the latest trunk at the time of
this writing but I wanted to ask you the following:

Shouldn't we be calling CredentialsStorageService.removePassword
during the execution of ProtocolProviderFactory.removeStoredAccount? I
presume it doesn't make much of a difference when the
CredentialsStorageService implementation stores the password as an
account property because removeStoredAccount will remove all account
properties. But when the CredentialsStorageService implementation is,
for example, the Gnome keyring on Linux, I think we want to be
explicit - as far as my Empathy and Evolution experience goes, these
two programs remove the account passwords from the keyring upon
removing the respective accounts from inside the programs.

Regards,
Lubomir

···

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#2

Hi Lubomir,

Hi Dmitri,

I'm trying to integrate the gsoc10/passwdstrg branch into trunk. I'm
facing too many issues with with missing license headers, javadocs and
@author, class imports, formatting not in accord with our coding
convention in order to be able to focus on the correctness of the
implementation and its relevance to the latest trunk at the time of
this writing but I wanted to ask you the following:

Indeed, I have overlooked the license headers and @author. However,
the other javadocs and also package imports should be present in my
new classes. I was using the formatter for eclipse from the SC
website. I can check the code again and add the missing @author and
license headers.

Shouldn't we be calling CredentialsStorageService.removePassword
during the execution of ProtocolProviderFactory.removeStoredAccount? I
presume it doesn't make much of a difference when the
CredentialsStorageService implementation stores the password as an
account property because removeStoredAccount will remove all account
properties. But when the CredentialsStorageService implementation is,
for example, the Gnome keyring on Linux, I think we want to be
explicit - as far as my Empathy and Evolution experience goes, these
two programs remove the account passwords from the keyring upon
removing the respective accounts from inside the programs.

That's a good idea, removing the stored password explicitly is indeed
better in this case, because, as you said the implementation can be
different. I will update ProtocolProviderFactory.removeStoredAccount.

Will you put the integration on hold while I'm making these changes or
maybe you already did some updates yourself?

Cheers,
Dmitri

···

On Mon, Jul 12, 2010 at 10:22 AM, Lubomir Marinov <lubo@sip-communicator.org> wrote:

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#3

Dmitri, it's me again. CredentialsStorageServiceImpl has
showPasswordPrompt which creates a Swing UI and calls
JOptionPane.showOptionDialog. I don't find such an implementation
suitable for the design of SIP Communicator and I'd rather expect
CredentailsStorageServiceImpl to rather search for a (UI) service
which can do the obtaining of the password from the user. As Yana
pointed to me, the UIService has getDefaultSecurityAuthority which
gives a SecurityAuthority able to ask the user for credentials. The
way you have it SIP Communicator could be running with a non-Swing UI
or it could be on a headless machine and you're showing a Swing
JOptionPane to ask for the password.

···

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#4

Hi again Dmitri,

Well... I think it'd be inefficient to start the merging all over
again so I seem to prefer me committing at some point in trunk and
then you sending a patch for trunk to address the remaining issues.

Thank you,
Lubomir

···

On Mon, Jul 12, 2010 at 11:11 AM, Dmitri Melnikov <dmitri807@gmail.com> wrote:

Will you put the integration on hold while I'm making these changes or
maybe you already did some updates yourself?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#5

Dmitri, you may have seen that Yana has changed the user interface of
the Options dialog and, more specifically, the General configuration
form. As a result, now there seems to be less horizontal and vertical
space for the passwdstrg controls there. I had offline conversations
with Yana and Emil and they shared the following:

- Move the passwdstrg controls in a new tab in the Security
configuration form. Currently, there are two tabs called Chat and
Call. You could add a new tab called Passwords, for example.

- Protect the "Saved passwords" dialog with the master password (if
any, of course). In other words, if there is a master password, ask
for it before displaying the "Saved passwords" like you do after
clicking the "Show Passwords" button.

And a couple of questions for me:

- Since "Change master password" requires input from the user,
shouldn't it be "Change master password..." instead. I'm not so sure
about "Saved passwords" but Firefox seems to use ellipsis there as
well so I guess the guideline for buttons may be to show ellipsis
whenever the button shows a dialog.

- Why "Saved passwords"/"Remove all"/"Change master password" and
"Show Passwords" follow different capitalization rules? I think they
should be uniformly capitalized for the sake of consistency.

···

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#6

OK, I'll send a patch then.

By the way, changing my eclipse javadoc preferences to be even more
strict and checking again I did found some missing or empty @param.
Thanks for noticing.

···

On Mon, Jul 12, 2010 at 11:19 AM, Lubomir Marinov <lubo@sip-communicator.org> wrote:

On Mon, Jul 12, 2010 at 11:11 AM, Dmitri Melnikov <dmitri807@gmail.com> wrote:

Will you put the integration on hold while I'm making these changes or
maybe you already did some updates yourself?

Hi again Dmitri,

Well... I think it'd be inefficient to start the merging all over
again so I seem to prefer me committing at some point in trunk and
then you sending a patch for trunk to address the remaining issues.

Thank you,
Lubomir

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#7

Hi Lubomir,

First of all, thanks for your feedback!

Regarding showPasswordPrompt(), I agree, I felt it was wrong to leave
the JOptionPane.showOptionDialog, but could not find a better way to
do it. Do you suggest that I add a method like getMasterPassword()
into SecurityAuthority and use that from everywere?

Dmitri, you may have seen that Yana has changed the user interface of
the Options dialog and, more specifically, the General configuration
form. As a result, now there seems to be less horizontal and vertical
space for the passwdstrg controls there. I had offline conversations
with Yana and Emil and they shared the following:

- Move the passwdstrg controls in a new tab in the Security
configuration form. Currently, there are two tabs called Chat and
Call. You could add a new tab called Passwords, for example.

OK.

- Protect the "Saved passwords" dialog with the master password (if
any, of course). In other words, if there is a master password, ask
for it before displaying the "Saved passwords" like you do after
clicking the "Show Passwords" button.

OK.

And a couple of questions for me:

- Since "Change master password" requires input from the user,
shouldn't it be "Change master password..." instead. I'm not so sure
about "Saved passwords" but Firefox seems to use ellipsis there as
well so I guess the guideline for buttons may be to show ellipsis
whenever the button shows a dialog.

- Why "Saved passwords"/"Remove all"/"Change master password" and
"Show Passwords" follow different capitalization rules? I think they
should be uniformly capitalized for the sake of consistency.

I'll look into these issues about ellipsis and capitalization.

Will you still merge the code into trunk despite the above mentioned problems?

Cheers,
Dmitri

···

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#8

Hi Dmitri,

Totally. The functionality seems to work as expected, your code looks
very well structured and I don't see the issues mentioned above as
major enough to delay showing passwdstrg to the whole community and
unleashing testing on it. I expect to commit it later today.

Best regards,
Lubomir

···

On Mon, Jul 12, 2010 at 1:56 PM, Dmitri Melnikov <dmitri807@gmail.com> wrote:

Will you still merge the code into trunk despite the above mentioned problems?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#9

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Congrats once again!
Emil

На 12.07.10 14:13, Lubomir Marinov написа:

···

On Mon, Jul 12, 2010 at 1:56 PM, Dmitri Melnikov <dmitri807@gmail.com> wrote:

Will you still merge the code into trunk despite the above mentioned problems?

Hi Dmitri,

Totally. The functionality seems to work as expected, your code looks
very well structured and I don't see the issues mentioned above as
major enough to delay showing passwdstrg to the whole community and
unleashing testing on it. I expect to commit it later today.

Best regards,
Lubomir

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#10

Hi Emil,

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

I'm glad you like it, thanks!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Sure, I'll add these issues to my todo list. I hope by get my patch
ready by tomorrow.

Cheers,
Dmitri

···

On Mon, Jul 12, 2010 at 11:26 PM, Emil Ivov <emcho@sip-communicator.org> wrote:

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#11

Dear Dmitri, dear Emil,

Very nice feature!

I have tried it with WinXP nb2802, the masterpassword cannot be stored and the passwords of the accounts dont show up in the list (even after SC-restart).
When I want to change the masterpwd, it looks that it has not been saved.
maybe I am doing something wrong here, pls see attached screenshots (1-2-3; accounts)

kind regards, MS

···

Hi Emil,

On Mon, Jul 12, 2010 at 11:26 PM, Emil Ivov <emcho@sip-communicator.org> wrote:

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

I'm glad you like it, thanks!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Sure, I'll add these issues to my todo list. I hope by get my patch
ready by tomorrow.

Cheers,
Dmitri

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

--
Mit freundlichen Grüßen
Mr Smith
mailto:mr.smith476@googlemail.com


#12

Hi all,

My patch is ready and fixes the following issues:

- Missing javadocs. Everything should now be commented.
- AccountManagerImpl.removeStoredAccount (called from
ProtocolProviderFactory.removeStoredAccount) removes the password
explicitly.
- CredentialsStorageServiceImpl calls UIService.getMasterPassword (new
method) to ask the user to input the master password, and so do
SavedPasswordsPanel and MasterPasswordPanel. Thus the code is in one
place. I'm not sure if this new method in UIService is the right place
for this, but SecurityAuthority seemed to contain too much protocol
specific code to put the MP input code there.
- "Change Master Password..." and "Saved Passwords..." have ellipsis
and other buttons have all of their words capitalized.
- "Saved Passwords..." button is protected with master password input
instead of "Show Passwords" button.
- Change master password dialog and master password input have the
focus in the password input field.
- Password migration now happens also when the user clicks the "Show
Passwords" button in the saved passwords dialog. Hopefully this should
fix the problem reported earlier by Mr. Smith.
- Under some circumstances it was possible to be asked for the master
password twice; fixed.

I also noticed that my formatter for eclipse taken from the SC website
is not formatting the code properly sometimes. Maybe there is a new
one somewhere?

Cheers,
Dmitri

passwdstorage.patch (33.8 KB)


#13

Hi Mr Smith,
Do I understand correctly that you only set the master password but
did not sign in with the account (whose passwords are stored) or that
you were already signed in with all the accounts when you set the
master password?
I haven't tested yet, but I think the problem is due to old password
properties not being migrated to the new ones. Currently migration
happens only upon signing in. However, the migration should also
happen when setting the master password. I'll fix this.

Thanks for reporting!

Dmitri

···

On Tue, Jul 13, 2010 at 10:26 AM, Mr Smith <mr.smith476@googlemail.com> wrote:

Dear Dmitri, dear Emil,

Very nice feature!

I have tried it with WinXP nb2802, the masterpassword cannot be stored and the passwords of the accounts dont show up in the list (even after SC-restart).
When I want to change the masterpwd, it looks that it has not been saved.
maybe I am doing something wrong here, pls see attached screenshots (1-2-3; accounts)

kind regards, MS

Hi Emil,

On Mon, Jul 12, 2010 at 11:26 PM, Emil Ivov <emcho@sip-communicator.org> wrote:

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

I'm glad you like it, thanks!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Sure, I'll add these issues to my todo list. I hope by get my patch
ready by tomorrow.

Cheers,
Dmitri

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

--
Mit freundlichen Grüßen
Mr Smith
mailto:mr.smith476@googlemail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#14

As far as I remember what Yana has told me, we just haven't been able
to instruct the Eclipse formatter to fully follow our convention.

···

On Wed, Jul 14, 2010 at 12:47 AM, Dmitri Melnikov <dmitri807@gmail.com> wrote:

I also noticed that my formatter for eclipse taken from the SC website
is not formatting the code properly sometimes. Maybe there is a new
one somewhere?

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#15

Hey Dmitri,

На 13.07.10 23:47, Dmitri Melnikov написа:

- "Saved Passwords..." button is protected with master password input
instead of "Show Passwords" button.

Actually, the should both be protected separately in case the user
accidentally leaves the first window on the desktop while gone. I
believe that's also how firefox does it.

- Password migration now happens also when the user clicks the "Show
Passwords" button in the saved passwords dialog. Hopefully this should
fix the problem reported earlier by Mr. Smith.

Is there any reason why password migration doesn't happen as soon as a
master password is set (and only then?).

- Under some circumstances it was possible to be asked for the master
password twice; fixed.

Ah good! I believe I had also noticed that but thought I might have
typed it wrong the first time.

Cheers,
Emil

···

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#16

Dear Dmitri,
sorry for the incomplete information:

all the accounts were already existing/signed in before I set up the master password.

kind regards, MS

···

Hi Mr Smith,
Do I understand correctly that you only set the master password but
did not sign in with the account (whose passwords are stored) or that
you were already signed in with all the accounts when you set the
master password?
I haven't tested yet, but I think the problem is due to old password
properties not being migrated to the new ones. Currently migration
happens only upon signing in. However, the migration should also
happen when setting the master password. I'll fix this.

Thanks for reporting!

Dmitri

On Tue, Jul 13, 2010 at 10:26 AM, Mr Smith <mr.smith476@googlemail.com> wrote:

Dear Dmitri, dear Emil,

Very nice feature!

I have tried it with WinXP nb2802, the masterpassword cannot be stored and the passwords of the accounts dont show up in the list (even after SC-restart).
When I want to change the masterpwd, it looks that it has not been saved.
maybe I am doing something wrong here, pls see attached screenshots (1-2-3; accounts)

kind regards, MS

Hi Emil,

On Mon, Jul 12, 2010 at 11:26 PM, Emil Ivov <emcho@sip-communicator.org> wrote:

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

I'm glad you like it, thanks!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Sure, I'll add these issues to my todo list. I hope by get my patch
ready by tomorrow.

Cheers,
Dmitri

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

--
Mit freundlichen Grüßen
Mr Smith
mailto:mr.smith476@googlemail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#17

Hi,
I've submitted a patch that will hopefully fix this issue. Thanks for
the feedback.

Cheers,
Dmitri

···

On Tue, Jul 13, 2010 at 11:49 AM, Mr Smith <mr.smith476@googlemail.com> wrote:

Dear Dmitri,
sorry for the incomplete information:

all the accounts were already existing/signed in before I set up the master password.

kind regards, MS

Hi Mr Smith,
Do I understand correctly that you only set the master password but
did not sign in with the account (whose passwords are stored) or that
you were already signed in with all the accounts when you set the
master password?
I haven't tested yet, but I think the problem is due to old password
properties not being migrated to the new ones. Currently migration
happens only upon signing in. However, the migration should also
happen when setting the master password. I'll fix this.

Thanks for reporting!

Dmitri

On Tue, Jul 13, 2010 at 10:26 AM, Mr Smith <mr.smith476@googlemail.com> wrote:

Dear Dmitri, dear Emil,

Very nice feature!

I have tried it with WinXP nb2802, the masterpassword cannot be stored and the passwords of the accounts dont show up in the list (even after SC-restart).
When I want to change the masterpwd, it looks that it has not been saved.
maybe I am doing something wrong here, pls see attached screenshots (1-2-3; accounts)

kind regards, MS

Hi Emil,

On Mon, Jul 12, 2010 at 11:26 PM, Emil Ivov <emcho@sip-communicator.org> wrote:

Hey Dmitri,

I just tried out the new master password feature and reeeeally like it!
Great job!

I'm glad you like it, thanks!

Just a couple of quick comments from me:

* We are trying to be J 1.5 compatible so String.isEmpty() is a no go.
* Could you please make sure that password components, like the one that
allows you to set the master password and the one that requires you to
enter it on startup, request the focus in the password field so that
users don't need to click on it?

Sure, I'll add these issues to my todo list. I hope by get my patch
ready by tomorrow.

Cheers,
Dmitri

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

--
Mit freundlichen Grüßen
Mr Smith
mailto:mr.smith476@googlemail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#18

Hi,
I replied only to Emil and didn't notice that it didn't go to dev.

Hey Dmitri,

На 13.07.10 23:47, Dmitri Melnikov написа:

- "Saved Passwords..." button is protected with master password input
instead of "Show Passwords" button.

Actually, the should both be protected separately in case the user
accidentally leaves the first window on the desktop while gone. I
believe that's also how firefox does it.

I'll add that back then.

- Password migration now happens also when the user clicks the "Show
Passwords" button in the saved passwords dialog. Hopefully this should
fix the problem reported earlier by Mr. Smith.

Is there any reason why password migration doesn't happen as soon as a
master password is set (and only then?).

Well, because there's no real need to do it. These are the migration
scenarios that I can think of:
1. User starts SC and all his accounts with saved passwords that go
online automatically on startup are already migrated.
2. When he signs in with a previously offline account that had a saved
password it is migrated.
3. (New one) The user opens the saved passwords dialog and sees all of
the accounts that have stored passwords - encrypted and unencrypted
(thus already migrated and not). There if he clicks show passwords the
same method is called (loadPassword) that has the migration logic.
This would migrate everything in one click; this was not my intention,
however, just a convenient and lucky way to do it with almost no
changes to the code.
If I haven't overlooked anything then these should cover all the cases
for migration without causing any problems, lost passwords, etc.

Cheers,
Dmitri

···

On Wed, Jul 14, 2010 at 1:54 AM, Emil Ivov <emcho@sip-communicator.org> wrote:

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net


#19

Hi all,

I made a new patch with both "Saved Passwords..." and "Show Passwords"
buttons protected by password, everything else is the same as in the
previous patch.

Cheers,
Dmitri

passwdstorage2.patch (33.1 KB)


#20

Hey Dmitri,

На 14.07.10 08:22, Dmitri Melnikov написа:

Is there any reason why password migration doesn't happen as soon as a
master password is set (and only then?).

Well, because there's no real need to do it.

This doesn't really answer the question :). Is there anything specific
that's preventing us from encrypting passwords as soon as the user sets
a master password?

(more below)

These are the migration
scenarios that I can think of:
1. User starts SC and all his accounts with saved passwords that go
online automatically on startup are already migrated.
2. When he signs in with a previously offline account that had a saved
password it is migrated.
3. (New one) The user opens the saved passwords dialog and sees all of
the accounts that have stored passwords - encrypted and unencrypted
(thus already migrated and not). There if he clicks show passwords the
same method is called (loadPassword) that has the migration logic.
This would migrate everything in one click; this was not my intention,
however, just a convenient and lucky way to do it with almost no
changes to the code.
If I haven't overlooked anything then these should cover all the cases
for migration without causing any problems, lost passwords, etc.

How about: user sets a master password then exits the application. At
this point the file would still contain non-protected passwords while
the user may mistakenly believe that she has done whatever's necessary
to protect them? Am I right?

That aside it simply seems more reasonable to me to encrypt the
passwords as soon as the user has indicated her desire to do so (and
only then) rather than try and subject the migration to a number of
other conditions that may or may not occur.

Let me know if I am missing something!

Cheers,
Emil

···

Cheers,
Dmitri

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net

--
Emil Ivov, Ph.D. 67000 Strasbourg,
Project Lead France
SIP Communicator
emcho@sip-communicator.org PHONE: +33.1.77.62.43.30
http://sip-communicator.org FAX: +33.1.77.62.47.31

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@sip-communicator.dev.java.net
For additional commands, e-mail: dev-help@sip-communicator.dev.java.net