Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
What's the story with these ads on Slashdot? Check out our new blog post to find out. ×

Comment Re:Surely this is expected (Score 1) 49

An application specific password is meant to be given to the application once and then never typed again, heavily reducing the chance of it being compromised.

If it's kept in persistent storage by the application, that actually increases the chance of it being compromised. Rather than logging keystrokes or peeking at RAM or man-in-the-middling the application in some way, you can just read a file.

"Don't tell me I'm burning the candle at both ends -- tell me where to get more wax!!"

Working...