Miranda NG Official Community Forum

Forum for English speaking Miranda NG users => Support/Help => Topic started by: ajim on 14 02 2017, 14:00:49

Title: Passwords encryption strength?
Post by: ajim on 14 02 2017, 14:00:49

Is the encryption on NG (to store password logins) better than the Miranda IM version which uses a simple proprietary method which which can be easily decoded using freely available tools like MirandaPasswordDecryptor?

Title: Re: Passwords encryption strength?
Post by: ghazan on 14 02 2017, 16:55:25

Miranda IM uses completely insecure 'encryption' that allows any worm or virus to read your passwords

Miranda NG uses strong cryptography (AES256) + the special schema that prevents a brute force attack against your password. You just need to enter a password for your profile (if you forget it, your profile will be inaccessible forever, the only way to decrypt it is to enter a vaild password).

Title: Re: Passwords encryption strength?
Post by: Robyer on 15 02 2017, 15:04:15

ajim, just don't forget to enable the full encryption in Options / Database (that's where you also set the password, as ghazan mentioned).

Title: Re: Passwords encryption strength?
Post by: Vulpix on 15 02 2017, 17:58:45

I remember there was a bug with encryption whereby some stuff was still in plaintext in the profile, if it was a very old profile. You should probably check for that when you enable encryption, to see if there is still plaintext. If so, you may need to reimport your profile.

Title: Re: Passwords encryption strength?
Post by: ajim on 16 02 2017, 13:29:51

Awesome. Thanks.