This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Password for vaults

jsamuelson
jsamuelson Junior Member
edited December 1969 in Knox
A technical question for someone who knows more about OS X cryptography than me - if I have been working with vaults, have entered my password to open them but not saved in the Keychain, then close the vaults, is the password stored anywhere, in a cache, RAM, virtual memory etc? Or fragments of data that could be used to reconstruct the password?

I.e., if someone stole my machine and dumped the RAM/VM could they potentially find my password? As someone else has mentioned this seems to be possible with user logins and FileVault passwords.

It would be nice to know that if the vaults have been closed the password has been properly scrubbed.

I have Use Secure Virtual Memory set in System Prefs but I think data is still written to RAM in the clear, so to speak.

Thanks!

Comments

  • jxpx777
    jxpx777 AWS Code Wrangler
    edited December 1969
    Knox will not keep your password around. The handling of the decryption and maintaining that open state is passed off to OS X. I'm honestly not sure how they handle that, but I would like to think they are taking reasonable precautions to not have passwords floating around in RAM. Secure Virtual Memory is a good start to being extra sure. :)
  • jsamuelson
    jsamuelson Junior Member
    edited December 1969
    Thanks! I will do some research myself and post back if I find anything significant...
  • tzoi516
    tzoi516 Senior Member
    edited December 1969
    You have the option to save it to your keychain. Even then, you can have Keychain Access set up to prompt for your password to open it, and you still need to enter your password to reveal any passwords stored in keychain.