On Wed, Mar 29, 2023 at 6:02 PM Evgeny Kotkov <evgeny.kot...@visualsvn.com> wrote:
>
> Nathan Hartman <hartman.nat...@gmail.com> writes:
>
> > I think a good middle ground is:
> >
> > * Build with --enable-plaintext-password-storage by default; users who
> >   want to harden their system can do so, but will need to build their
> >   own client.
>
> +1.
>
> > * Set the default run-time config to store-plaintext-passwords = no
> >   (if it isn't already; haven't checked) and instruct users on how to
> >   change it. This makes the decision to store in plaintext an explicit
> >   one that the user can opt into. (I appreciate that this could be
> >   changed without the user's knowledge; perhaps the systemwide config
> >   should always take precedence over the user-controlled one for this
> >   setting?)
>
> So, apparently, the current default is "ask".
>
> I haven't checked all the details, but I think that defaulting to "ask"
> already makes the user decision explicit and allows it to happen naturally,
> without requiring any additional instructions or knowledge.
>
> If we change the default to "no", this part of the experience could be worse,
> because for the end users it might look like the credentials aren't being
> stored for unknown reasons / a bug in the software.

Ah, this makes sense. In that case, I'm +1 to leave it as "ask" (no change).

Cheers,
Nathan