Password in non-default keychain are copied to login keychain #2878
Comments
the issue still exists in 3.1.2. if you log into a ftp-account with password saved in a non-default keychain, login is ok. as soon as you download a file (with open new connection instead of use browser connection) cyberduck tries to save the password in the default keychain again. |
Milestone 3.2 deleted |
The bug is still there in v3.3 (5552). This one makes it impossible to store passwords securely. Added to unusable SFTP (#12134) make one wonder why Cyberduck has a serious lack of priority for security. Are things like S3 or Rackspace support really more requested than solid SSH and Keychain support? |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Passwords already registered in a keychain different from ~/Library/Keychains/login.keychain will be read and copied to ~/Library/Keychains/login.keychain (which defeats the whole point of storing them in a different keychain)
The code to read passwords in keychains different from ~/Library/Keychains/login.keychain was included 1ec8991 in 3.1, in order to fix issue #2001
I only checked this using FTP.
The text was updated successfully, but these errors were encountered: