[Interest] Qt signal when system is awakened

Thiago Macieira thiago.macieira at intel.com
Thu Jul 25 05:39:22 CEST 2013


On quinta-feira, 25 de julho de 2013 10:34:09, Tony Rietwyk wrote:
> I wanted to avoid keeping the password in memory after the login process.
> Popping up the login dialog on the client at the point where they try to
> communicate is really messy.   But I suppose it is just as messy, doing that
> when the awaken occurs.  I'll try keeping the password, and attempting a
> silent reconnect.

Well, you should keep a time-limited cookie, which grants you access for, say, 
8 hours or 24 hours. If the machine has slept for longer, the cookie expires 
and you'll have to ask the user for a password.

It's actually preferable to do that. Suppose the laptop gets stolen while 
suspended. It's a better idea to require the password. Besides, unlimited 
cookies are always a problem, since they could allow an attacker that obtained 
the cookie to continue using it many days later.

-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.qt-project.org/pipermail/interest/attachments/20130724/3c934b9b/attachment.sig>


More information about the Interest mailing list