9

I've always thought I was somewhat lazy about not caring about plaintext password in RAM in WPF (or whatever) but then this guy made a super valid point...

I really think a hacker would just keylog at that point rather than trying to read your obscure program's memory for your password... especially if they have access to raw memory...

Comments
  • 4
    It's possible with the cold boot attack, highly unlikely that someone would go to that level unless they seriously wanted to know everything about you considering a keylogger or something to auto paste the clipboard would take a lot less effort.

    https://en.wikipedia.org/wiki/...
  • 5
    @AtuM
    Yeah, but supporting cryptographic identities is so 2030.
  • 3
    Reminder that plaintext stuff is safer in RAM than on the hardisk but not foolproof; the most popular Windows attack framework mimikatz uses a process dump executable to dump your Windows password hash from RAM and passes for auth it to other Windows computers.
Add Comment