by negora » Thu Oct 24, 2013 3:26 pm
Ops, I thought that it was an easier task. But if it's going to cause instability, I agree that it's better to leave it as is.
About the current storage method, What kind of algorithm does DBeaver use to hash the passwords? I've checked the file ~/.dbeaver/DBeaver/data-sources.xml and have seen some encrypted password. Could it be possible to store every password or at least the passwords of every data source with an exclusive salt? This salt could be stored in the same file. It's just to make massive brute force attacks more complicated. Also a slow algorithm such as PBKDF2 would help a lot in this task. I've no idea if you're already using this one.
Thank you.