Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Eclipse Workbench User Guide
Previous Page Home Next Page

How secure storage works

Let's consider a concrete example of CVS integration. When you specify a password for a CVS connection, the application offers you an option to save your user name and password using secure storage.

Schema of secure storage encrypting data

Picture 1. How secure storage works.

Your CVS password is passed as data to secure storage. Secure storage uses a "master" password to encrypt it and store the encrypted CVS password in a file on disk.

The master password is obtained from a password provider module. The master passwords are obtained in a "lazy" fashion, only when they are about to be used. Password providers can use different techniques:

  • on Windows, the master password is generated as a random value that is encrypted based on your Windows login information and stored in secure storage;
  • on Macintosh, the master password is initially created as a random value that is stored in the OS keyring;
  • the default password provider simply prompts you for a password;
  • other password providers might be supplied in your application.

When data is saved with secure storage, the password provider is selected based on the priorities from the list of enabled password providers. Only that provider can be used in future to decrypt the data.

Related concepts
Secure storage
Password recovery
Life of a master password

Related reference
Secure storage preference page
Secure storage runtime options


 
 
  Published under the terms of the Eclipse Public License Version 1.0 ("EPL") Design by Interspire