| |
| <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <html lang="en"> |
| <HEAD> |
| |
| <meta name="copyright" content="Copyright (c) IBM Corporation and others 2008, 2011. This page is made available under license. For full details see the LEGAL in the documentation book that contains this page." > |
| |
| <META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> |
| <META http-equiv="Content-Style-Type" content="text/css"><LINK rel="STYLESHEET" href="../book.css" charset="ISO-8859-1" type="text/css"> |
| <script language="JavaScript" src="PLUGINS_ROOT/org.eclipse.help/livehelp.js" type="text/javascript"></script> |
| <TITLE>Life of a master password</TITLE> |
| </HEAD> |
| <BODY bgcolor="#ffffff"> |
| <H1 class="Head">Life of a master password</H1> |
| |
| <p>The "master" password is used to encrypt and decrypt data stored by the secure storage. |
| The master passwords are specific to providers: each provider has a separate master password.</p> |
| |
| <p>The life of a master password begins when a password provider is asked for it for a first time. |
| Depending on the provider, it will either generate a master password behind the scenes, or will ask you |
| for some input. The same master password is then used for all subsequent use of this password provider.</p> |
| |
| <p align="center"><img alt="Lifecycle of a master password." src="../images/equinox_secure_storage_pswd.png"><br> |
| </p> |
| <p align="center"><b>Picture 1. Lifecycle of a master password.</b></p> |
| |
| <p>Once the master password is obtained from the password provider, it is cached in memory until |
| the application is closed or the password cache is cleared using the <b>Secure Storage</b> preference page.</p> |
| |
| <p>The master password can be changed using the <b>Secure Storage</b> preference page. Depending on |
| the provider, the password change operation might require some input from you or might happen completely |
| behind the scenes.</p> |
| |
| <p>In case the master password is lost, it can be recovered if password recovery questions and answers were |
| specified. The password recovery allows working around both human and machine problems. For instance, if |
| a UI prompt was used to enter a password and the user forgot the password. If an operating system integration |
| module was used, the operating system might have been re-installed or an entry deleted in the system keyring |
| that was used for the master password.</p> |
| |
| <p><img alt="Related concepts" src="../images/ngrelc.png" border="0"> |
| <br><A href="ref-securestorage-start.htm">Secure storage</A> |
| <br><A href="ref-securestorage-works.htm">How secure storage works</A> |
| </p> |
| <p><img alt="Related reference" src="../images/ngrelr.png" border="0"> |
| <br><a href="ref-securestorage-prefs.htm">Secure storage preference page</a> |
| <br><a href="ref-securestorage-options.htm">Secure storage runtime options</a> |
| </p> |
| |
| </BODY> |
| </HTML> |