<!--adsense-->Pidgin is an instant messaging program for Windows, Linux, BSD, and other Unixes. You can talk to your friends using AIM, ICQ, Jabber/XMPP, MSN Messenger, Yahoo!, Bonjour, Gadu-Gadu, IRC, Novell GroupWise Messenger, QQ, Lotus Sametime, SILC, SIMPLE, and Zephyr.

Pidgin stores you passwords in plain text in ~/.purple/accounts.xml.Someone can easily boot into recovery mode while you are away and find your passwords in plain text.

Download the patch from here into the same directory and do the following

tar xf master-password.patch.tar

patch -p 1 < master-password.patch

You should be ready to configure, make, and install as normal.

./configure

make

sudo make install

When you launch pidgin, you will see a new tab in the preferences called "security". You can set a master password there. The link above has screenshots. After configuring, you should notice that the accounts.xml file now has gibberish where there once were passwords.

To remove pidgin, run the following from the directory in which you built pidgin

make uninstall

This will work for pidgin 2.1.0,2.1.1 versions.

<!--adsense#banner-->

Tags: Fix for Master password expose for Pidgin, General, password security for pidgin, Pidgin ubuntu, securityFix for Master password expose for Pidgin, General, password security for pidgin, Pidgin ubuntu, security