I recently realized when you save a password in a variable, it's actually stored as plain text in the memory.
I know the OS does a good job by forbidding processes from accessing other allocated memory. But isn't it still bypassable? Is there a safer way to store passwords to make sure processess can't access them?
Discuss This Question: 2  Replies
What platform? What OS? If your programming is receiving a password and holding it in a variable, it's up to your programming to protect it. An OS (perhaps depending on hardware/firmware memory management) generally isolates address spaces from different processes; but that can't provide any guarantee if you don't control the machine.
More detail would be useful, particularly any programming (or scripting) technologies being used.
Tom