Howto: Local Password Encryption for Gaim and Pidgin

Pidgin stores you passwords in plain text in ~/.purple/accounts.xml. At home, I am fine with this, but on a computer that is not mine (like at work), I am less comfortable with this. Someone can easily boot into recovery mode while I am away and find my passwords in plain text.

There is a patch for Gaim at http://dooglus.rincevent.net/gaim/ . Attached is a patch for Pidgin.

In order to use the patch, you will need a couple libraries and development headers.
Code:

sudo apt-get install libnspr4-0d libnss3-0d
sudo apt-get install libnss-dev libnspr-dev

Download the source from http://pidgin.im/pidgin/download/source/ if you haven't already, and unzip it.
Download the patch into the same directory and do the following
Code:

tar xf master-password.patch.tar
patch -p 1 <>
You should be ready to configure, make, and install as normal.
Code:

./configure
make && sudo make install

When you launch pidgin, you will see a new tab in the preferences called "security". You can set a master password there. The link above has screenshots. After configuring, you should notice that the accounts.xml file now has gibberish where there once were passwords. This has been tested on Kubuntu 7.04

To remove pidgin, run the following from the directory in which you built pidgin:
Code:

make uninstall
grab pidgin patch here

Clicky Web Analytics