Author Topic: Passwords encryption strength?  (Read 169 times)

0 Members and 1 Guest are viewing this topic.

Offline ajimTopic starter

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
Passwords encryption strength?
« on: 14 02 2017, 14:00:49 »
Is the encryption on NG (to store password logins) better than the Miranda IM version which uses a simple proprietary method which which can be easily decoded using freely available tools like MirandaPasswordDecryptor?
 

Offline ghazan

  • Miranda NG founder
  • Administrator
  • *****
  • Posts: 339
  • Country: ru
  • Karma: 34
  • Jabber ID
Re: Passwords encryption strength?
« Reply #1 on: 14 02 2017, 16:55:25 »
Miranda IM uses completely insecure 'encryption' that allows any worm or virus to read your passwords

Miranda NG uses strong cryptography (AES256) + the special schema that prevents a brute force attack against your password. You just need to enter a password for your profile (if you forget it, your profile will be inaccessible forever, the only way to decrypt it is to enter a vaild password).
 

Offline Robyer

  • Moderator
  • *****
  • Posts: 1008
  • Country: cz
  • Karma: 57
    • Robyer.cz website
  • Jabber ID
  • Version Info
Re: Passwords encryption strength?
« Reply #2 on: 15 02 2017, 15:04:15 »
ajim, just don't forget to enable the full encryption in Options / Database (that's where you also set the password, as ghazan mentioned).
I'm developing mainly Facebook, Omegle, Steam, Dummy and MobileState plugins. ~ If you like my work, you can DONATE to me via Paypal.
 
The following users thanked this post: ajim

Offline Vulpix

  • Beta Tester
  • *****
  • Posts: 506
  • Country: 00
  • Karma: 12
Re: Passwords encryption strength?
« Reply #3 on: 15 02 2017, 17:58:45 »
I remember there was a bug with encryption whereby some stuff was still in plaintext in the profile, if it was a very old profile. You should probably check for that when you enable encryption, to see if there is still plaintext. If so, you may need to reimport your profile.
 

Offline ajimTopic starter

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
Re: Passwords encryption strength?
« Reply #4 on: 16 02 2017, 13:29:51 »
Awesome. Thanks.