
Wednesday, November 14, 2007

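How does Windows Live save its password?

How do Windows Live programs save passwords locally?

  The Windows Live Sign-in Assistant and Windows Live Messenger can save your password automatically. The feature is convenient to use, and removing a saved password is just as convenient. Anyone with a security mindset will then ask: where exactly is the password stored?
In a file? In the registry?

  Set that aside for a moment. The Windows Live Blog has the following description.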
True Password Persistence!
Before the Windows Live Sign-in Assistant, the ‘save my password’ option caused your sign-in state to be persisted across multiple browser sessions (it was a persistent cookie), but hitting “sign-out” at any page would delete the cookie and the next time you wanted to log in, you were prompted for your password again.
This was a frustrating experience for users.
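With the Sign-in Assistant installed, the ‘save my password’ box will work just like it does in Messenger – it will keep the password in a local credential store (we use the Windows Credential Manager). If you’ve chosen to save your password, all it takes to sign in is a single click on the appropriate user tile. This is a huge improvement over the previous experience. We’ve also made it very easy for you to remove your saved password, just click on “remove” link and the member name and password are deleted from the credential store. You are still in control of when your credentials are saved.
  So there is no need to worry about exactly where the password is stored; that is no longer the point. The point is that Microsoft's Windows Live protects the password with something like a container. Whether it ends up in a file or in the registry is just a low-level detail beneath that container, and some future version might well move it from a file into the registry. The key fact here is clearly that the Windows Live password is protected by encryption.
  Exactly how Windows Messenger and the Assistant call into this store is a matter of specific technical detail, but for now we have a rough, intuitive picture.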
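
The save / read back / remove lifecycle described in the quote, shown against the Windows Credential Manager API. This is an added example, not code from the original post or from Windows Live; the target name, user name and secret are constructed placeholders, and the entry names Windows Live itself uses are not given on this page.

```powershell
# Added example: save, read back and remove a generic credential in Credential Manager.
# $target, $user and $secret are constructed placeholders, not Windows Live values.
Add-Type -Namespace Demo -Name CredStore -MemberDefinition @'
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)]
public struct CREDENTIAL {
    public uint Flags; public uint Type; public string TargetName; public string Comment;
    public System.Runtime.InteropServices.ComTypes.FILETIME LastWritten;
    public uint CredentialBlobSize; public IntPtr CredentialBlob; public uint Persist;
    public uint AttributeCount; public IntPtr Attributes; public string TargetAlias; public string UserName;
}
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CredWriteW(ref CREDENTIAL cred, uint flags);
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CredReadW(string target, uint type, uint flags, out IntPtr cred);
[DllImport("advapi32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
public static extern bool CredDeleteW(string target, uint type, uint flags);
[DllImport("advapi32.dll")]
public static extern void CredFree(IntPtr buffer);
'@

$M = [Runtime.InteropServices.Marshal]
$target = 'Example:SignInDemo'; $user = 'someone@example.com'; $secret = 'constructed-secret'
$blob = [Text.Encoding]::Unicode.GetBytes($secret)
$mem  = $M::AllocHGlobal($blob.Length)          # unmanaged copy of the secret for CredWriteW
$M::Copy($blob, 0, $mem, $blob.Length)

$cred = New-Object 'Demo.CredStore+CREDENTIAL'
$cred.Type = 1                                  # CRED_TYPE_GENERIC
$cred.Persist = 2                               # CRED_PERSIST_LOCAL_MACHINE
$cred.TargetName = $target; $cred.UserName = $user
$cred.CredentialBlobSize = $blob.Length; $cred.CredentialBlob = $mem
try {
    # "Save my password": the store, not the application, decides how the blob is kept on disk.
    if (-not [Demo.CredStore]::CredWriteW([ref]$cred, 0)) { throw 'CredWriteW failed' }

    # Later sign-in: look the entry up by target name and recover the blob.
    $ptr = [IntPtr]::Zero
    if (-not [Demo.CredStore]::CredReadW($target, 1, 0, [ref]$ptr)) { throw 'CredReadW failed' }
    $read = $M::PtrToStructure($ptr, [type]'Demo.CredStore+CREDENTIAL')
    $back = $M::PtrToStringUni($read.CredentialBlob, [int]($read.CredentialBlobSize / 2))
    [Demo.CredStore]::CredFree($ptr)
    "Read back for $($read.UserName): match = $($back -eq $secret)"

    # "Remove": delete the entry, after which a lookup fails.
    [void][Demo.CredStore]::CredDeleteW($target, 1, 0)
    "Still present after delete: $([Demo.CredStore]::CredReadW($target, 1, 0, [ref]$ptr))"
} finally { $M::FreeHGlobal($mem) }
```

The read succeeds here because it runs as the same user who saved the entry: the store protects the secret at rest and from other accounts, not from code already running in that user's session.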
 
(L)1984 - 2007 TONY CHEUNG