| <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> |
| <html lang="en"> |
| <head> |
| <meta name="copyright" content= |
| "Copyright (c) IBM Corporation and others 2008, 2011. This page is made available under license. For full details see the LEGAL in the documentation book that contains this page."> |
| <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
| <meta http-equiv="Content-Style-Type" content="text/css"> |
| <link rel="STYLESHEET" href="../book.css" charset="ISO-8859-1" type="text/css"> |
| <script language="JavaScript" src="PLUGINS_ROOT/org.eclipse.help/livehelp.js" type="text/javascript"></script> |
| <title>Life of a master password</title> |
| </head> |
| <body bgcolor="#FFFFFF"> |
| <h1 class="Head">Life of a master password</h1> |
| <p>The "master" password is used to encrypt and decrypt data stored by the secure storage. The master passwords are |
| specific to providers: each provider has a separate master password.</p> |
| <p>The life of a master password begins when a password provider is asked for it for a first time. Depending on the |
| provider, it will either generate a master password behind the scenes, or will ask you for some input. The same |
| master password is then used for all subsequent use of this password provider.</p> |
| <p align="center"><img alt="Lifecycle of a master password." src="../images/equinox_secure_storage_pswd.svg"></p> |
| <p align="center"><b>Picture 1. Lifecycle of a master password.</b></p> |
| <p>Once the master password is obtained from the password provider, it is cached in memory until the application is |
| closed or the password cache is cleared using the <a class="command-link" href= |
| 'javascript:executeCommand("org.eclipse.ui.window.preferences(preferencePageId=org.eclipse.equinox.security.ui.storage)")'> |
| <img src="PLUGINS_ROOT/org.eclipse.help/command_link.svg" alt="command link"> <b>General > Security > Secure |
| Storage</b></a> preference page.</p> |
| <p>The master password can be changed using the <a class="command-link" href= |
| 'javascript:executeCommand("org.eclipse.ui.window.preferences(preferencePageId=org.eclipse.equinox.security.ui.storage)")'> |
| <img src="PLUGINS_ROOT/org.eclipse.help/command_link.svg" alt="command link"> <b>Secure Storage</b></a> preference |
| page. Depending on the provider, the password change operation might require some input from you or might happen |
| completely behind the scenes.</p> |
| <p>In case the master password is lost, it can be recovered if password recovery questions and answers were |
| specified. The password recovery allows working around both human and machine problems. For instance, if a UI prompt |
| was used to enter a password and the user forgot the password. If an operating system integration module was used, |
| the operating system might have been re-installed or an entry deleted in the system keyring that was used for the |
| master password.</p> |
| <h3 class="related">Related concepts</h3><a href="ref-securestorage-start.htm">Secure storage</a><br> |
| <a href="ref-securestorage-works.htm">How secure storage works</a> |
| <h3 class="related">Related reference</h3><a href="ref-securestorage-prefs.htm">Secure storage preference |
| page</a><br> |
| <a href="ref-securestorage-options.htm">Secure storage runtime options</a> |
| </body> |
| </html> |
