[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: How do you store the KWallet master password?
From:       Christoph Feck <christoph () maxiom ! de>
Date:       2013-11-10 11:20:41
Message-ID: 201311101220.41362.christoph () maxiom ! de
[Download RAW message or body]

On Sunday 10 November 2013 12:07:51 Christoph Feck wrote:
> On Sunday 10 November 2013 07:43:12 Abe Masiddo wrote:
> > Hello,
> > 
> > I am considering to use KWallet to store some of my passwords. I
> > know that KWallet uses a master password that allows me to
> > retrieve my other passwords. How do you store the master
> > password?
> 
> The password is stored in your brain. If you forget it, you only
> have "brute force" methods to be able to decrypt the wallet again
> (not that I know anyone who was successful at cracking it).

Regarding the technical information, the KWallet handbook at 
http://docs.kde.org/stable/en/kdeutils/kwallet/kwallet.pdf reveals:

"The data is encrypted with the Blowfish symmetric block cipher 
algorithm, the algorithm key is derived from the SHA-1 hash of the 
password, with a key length of 156 bits (20 bytes). The data into the 
wallet file is also hashed with SHA-1 and checked before the data is 
deciphered and accessible by the applications."

More information at http://en.wikipedia.org/wiki/Blowfish_(cipher)

Christoph Feck (kdepepo)
KDE Quality Team

>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]