<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html lang="en">
<head>
<meta name="copyright" content=
"Copyright (c) IBM Corporation and others 2008, 2011. This page is made available under license. For full details see the LEGAL in the documentation book that contains this page.">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta http-equiv="Content-Style-Type" content="text/css">
<link rel="STYLESHEET" href="../book.css" charset="ISO-8859-1" type="text/css">
<script language="JavaScript" src="PLUGINS_ROOT/org.eclipse.help/livehelp.js" type="text/javascript"></script>
<title>How secure storage works</title>
</head>
<body bgcolor="#FFFFFF">
<h1 class="Head">How secure storage works</h1>
<p>Let's consider a concrete example of Git integration. When you specify a password for a Git connection, the
application offers you an option to save your user name and password using secure storage.</p>
<p align="center"><img alt="Schema of secure storage encrypting data" src=
"../images/equinox_secure_storage_start.svg"><br></p>
<p align="center"><b>Picture 1. How secure storage works.</b></p>
<p>Your Git password is passed as data to secure storage. Secure storage encrypts it with a "master" password and
stores the encrypted Git password in a file on disk.</p>
<p>The master password is obtained from a password provider module. The master passwords are obtained in a "lazy"
fashion, only when they are about to be used. Password providers can use different techniques:</p>
<ul>
<li>on <i>Windows</i>, the master password is generated as a random value that is encrypted based on your Windows
login information and stored in secure storage;</li>
<li>on <i>macOS</i>, the master password is initially created as a random value that is stored in the OS
keyring;</li>
<li>the default password provider simply prompts you for a password;</li>
<li>other password providers might be supplied in your application.</li>
</ul>
<p>When data is saved with secure storage, the password provider is selected by priority from the list of
enabled password providers. Only that provider can be used in the future to decrypt the data.</p>
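<p>The flow described above, seen from the calling code, as an added example that is not part of the original
documentation. It uses the Equinox secure storage API (<code>org.eclipse.equinox.security.storage</code>) and must run
inside an application that includes that bundle; the class name <code>GitCredentialStore</code> and the node path are
hypothetical and chosen only for illustration.</p>

```java
import java.io.IOException;

import org.eclipse.equinox.security.storage.ISecurePreferences;
import org.eclipse.equinox.security.storage.SecurePreferencesFactory;
import org.eclipse.equinox.security.storage.StorageException;

public class GitCredentialStore {

    // Hypothetical node path; a real integration chooses its own layout.
    private static final String NODE = "/com/example/git/origin";

    /** Saves the credentials; only the password value is encrypted. */
    public static void save(String user, String password)
            throws StorageException, IOException {
        ISecurePreferences root = SecurePreferencesFactory.getDefault();
        if (root == null) {
            throw new IOException("default secure storage could not be opened");
        }
        ISecurePreferences node = root.node(NODE);
        node.put("user", user, false);        // stored as plain text
        // First encrypted write: the password provider is asked for the
        // master password here, not earlier ("lazy" acquisition).
        node.put("password", password, true);
        node.flush();                         // write the storage file to disk
    }

    /** Returns the decrypted password, or null if nothing usable is stored. */
    public static String loadPassword() throws StorageException {
        ISecurePreferences root = SecurePreferencesFactory.getDefault();
        if (root == null || !root.nodeExists(NODE)) {
            return null;
        }
        try {
            return root.node(NODE).get("password", null);
        } catch (StorageException e) {
            // The provider that encrypted the value is not available, or no
            // master password was supplied: report "no saved password" so the
            // caller prompts again instead of failing.
            int code = e.getErrorCode();
            if (code == StorageException.NO_SECURE_MODULE
                    || code == StorageException.NO_PASSWORD) {
                return null;
            }
            throw e; // e.g. DECRYPTION_ERROR: surface it, do not hide it
        }
    }
}
```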
<h3 class="related">Related concepts</h3><a href="ref-securestorage-start.htm">Secure storage</a><br>
<a href="ref-securestorage-recovery.htm">Password recovery</a><br>
<a href="ref-securestorage-passwd.htm">Life of a master password</a>
<h3 class="related">Related reference</h3><a href="ref-securestorage-prefs.htm">Secure storage preference
page</a><br>
<a href="ref-securestorage-options.htm">Secure storage runtime options</a>
</body>
</html>