Hacker News new | past | comments | ask | show | jobs | submit login

On Mac, you could store the master key in the Keychain. I've been off of Windows for almost a decade so I'm not sure if they have a similar feature.

> Keychain items can be shared only between apps from the same developer.

https://support.apple.com/guide/security/keychain-data-prote...




Palemoon on linux uses the gnome keyring. You have to auth against that to get access to your saved passwords.


Windows doesn't have a system level key store.

Instead the Windows API's have a symmetric encryption API (DPAPI) that allows developers to supply plain text, and receive cipher text.

It would then be up to developers to persist the cipher text.

DPAPI master key is protected by the OS, behind User Credentials.


isn't it per user though, instead of per developer (like apple)?

a dodgy pypi package that can call CryptUnprotectData too


Per login credential, yes.


so that's essentially useless against this sort of attack?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: