
auth password in plain text!

Posted: Fri Jun 04, 2010 7:31 pm
by simonbcn
Hi,
The wiki explains how to save passwords: http://dev.deluge-torrent.org/wiki/User ... entication
But in that example the password is saved in plain text, very insecure!! :shock: :?
Is there a way to save this password encrypted?

Re: auth password in plain text!

Posted: Sat Jun 05, 2010 4:02 am
by johnnyg
Not currently.
However, your auth file should only be readable by you, so it's not a huge security risk.

Re: auth password in plain text!

Posted: Sat Jun 05, 2010 12:42 pm
by simonbcn
johnnyg wrote: Not currently.
However, your auth file should only be readable by you, so it's not a huge security risk.
Yes, it's a security risk: http://en.wikipedia.org/wiki/Password#F ... _passwords, http://www.readwriteweb.com/archives/ro ... swords.php, http://www.mirrorten.com/plain-text-pas ... torage.php, etc...
If you search Google, for example, for "password plain text security", you'll see many pages saying that this is the worst way to do this.
On the other hand, in my auth file there are two entries: localclient and mine. localclient is created automatically by the deluge daemon and its password is encrypted!! Why does localclient have an encrypted password and mine can't?

Re: auth password in plain text!

Posted: Sun Jun 06, 2010 3:54 pm
by johnnyg
I didn't say it wasn't a security risk, just not a huge one; if someone gains access to your account, I think controlling your torrents isn't your biggest problem...
That said, there are plans to have it store a cryptographic hash of the password instead.

localclient's password is also stored in plaintext; what you see is its password (it just happens to look encrypted).
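
Added example, not part of the thread and not Deluge's code: a Python sketch of the two points discussed above, checking that an auth file is readable only by its owner and storing a salted hash in place of the plaintext password. The function names, the `pbkdf2_sha256$iterations$salt$digest` record format, the `user:record:level` line layout and the choice of PBKDF2 are assumptions made for illustration; the thread only says "a cryptographic hash".

```python
import hashlib, hmac, os, secrets, stat, tempfile

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

def audit_permissions(path):
    """Return a list of problems with the file mode; empty means owner-only."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    problems = []
    if mode & (stat.S_IRGRP | stat.S_IWGRP):
        problems.append("group can read or write")
    if mode & (stat.S_IROTH | stat.S_IWOTH):
        problems.append("others can read or write")
    return problems

def hash_password(password, salt=None, iterations=ITERATIONS):
    """Build a 'pbkdf2_sha256$iter$salt$digest' record (hypothetical format)."""
    salt = salt or secrets.token_bytes(16)  # fresh random salt per entry
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"

def verify_password(password, record):
    """Recompute the digest from the stored salt and compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))

def demo():
    """Write a constructed auth file, audit it at mode 0644 and again at 0600."""
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "w") as fh:
            # Constructed entry; the user:record:level layout is an assumption
            fh.write(f"alice:{hash_password('s3cret')}:10\n")
        os.chmod(path, 0o644)
        loose = audit_permissions(path)
        os.chmod(path, 0o600)
        tight = audit_permissions(path)
        return loose, tight
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(demo())
```
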