wpa password appears when click on box

Disclaimer: I'm not a Wicd developer, so don't interpret my remarks as representative of their views...

I don't think I fully understand your situation. How will a client have that sort of access to your laptop? This sounds like a physical security issue much more than a bug in wicd.

That being said, I personally like the way it works now. Obfuscating the key is security by obscurity anyway - it *has* to be somewhere on the system, which means that it can be found. Even if wicd were to encrypt the key and then store that hash in the config file, wicd would also have to know how to reverse the hash to get the key to actually send to the access point, and since the algorithm to reverse the hash is part of wicd, it's a simple matter to get the plaintext key. Long story short, obfuscating the key might make users *feel* like the key is more secure, but it does little to nothing in actually making it more secure. JMHO, of course. :-)

Thanks for the reply! I guess I need to be more specific. I mean the Wicd gui. If you open the gui and click the advanced button, and scroll down and find where you type in the password and click on the box, the dots disappear and your password appears. Anyone using the laptop can open the gui and go through the steps I just explained and see my wpa network password. I realize that if one were savy enough, one could dig into the file system and find the password. But, I'm talking about the gui, which is fairly visible.

This might not make it in time for 1.5.0, but in an upcoming release they'll be a way to hide the password info even when you're typing it in.

Just an update, I am pleased that the password is now obscured, sort of. I wish the check box would also disappear. I am using version 1.5.8, any chance this would change in the near future?

I'm closing this due to the changes that were implemented. If you're still not entirely happy with the way this is handled in the 1.6.x branch, please open a new bug.