You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To my surprise I found that my credentials are stored in clear text in %AppData%\g-node\WinGIN\UserCredentials.json!
Although - in an ideal case - no one should have access to my personal folder, I don't think that's very secure. Especially since the web interface even offers measures like TFA.
Would it be possible to use more secure methods, like the Windows Credential Manager?
Alternatively, and as a quick workaround, would it be possible to offer a setting to not store my password but to prompt for it (at the cost of no background updates)? I'd rather abstain from using the WinGIN until there is a solution.
The text was updated successfully, but these errors were encountered:
To my surprise I found that my credentials are stored in clear text in %AppData%\g-node\WinGIN\UserCredentials.json!
Although - in an ideal case - no one should have access to my personal folder, I don't think that's very secure. Especially since the web interface even offers measures like TFA.
Would it be possible to use more secure methods, like the Windows Credential Manager?
Alternatively, and as a quick workaround, would it be possible to offer a setting to not store my password but to prompt for it (at the cost of no background updates)? I'd rather abstain from using the WinGIN until there is a solution.
The text was updated successfully, but these errors were encountered: