Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: Re:Surely this is expected (Score 1) 49 49

An application specific password is meant to be given to the application once and then never typed again, heavily reducing the chance of it being compromised.

If it's kept in persistent storage by the application, that actually increases the chance of it being compromised. Rather than logging keystrokes or peeking at RAM or man-in-the-middling the application in some way, you can just read a file.

"If you own a machine, you are in turn owned by it, and spend your time serving it..." -- Marion Zimmer Bradley, _The Forbidden Tower_

Working...