Gaim does not now and is not likely to encrypt the passwords in the

accounts.xml file (in 0.65, .gaimrc was replaced by accounts.xml,

prefs.xml, pounces.xml, and status.xml in order to make it easier to

expand as Gaim grows more complex, to make some of our current efforts

more possible, and some other reasons. The "why" of xml config files is

not addressed here though. ), nor is it likely to be encrypted in a

future release. This is somewhat controversial in Windows, esp. Windows

98 (because of its weak file protections) but that's the way things are.

The reasoning for this is multi-part.

1) Instant messaging is not very secure, and it's kind of pointless to

spend a lot of time adding protections onto the fairly strong file

protections of unix (our native platform) when the protocols themselves

aren't all that secure. The way to truly know who you are talking to is

to use gaim-e on both ends (or a similar plugin, gaim-encryption would

probably work as well), and use verified gpg keys. You shouldn't be

using your instant messaging password for anything else, anyway -- while

some protocols have decent password security, others are insufficient

and some (like irc) don't have any at all.

2) There are basically 4 approaches to password storage. A) Store a

password(s) behind a password. Basically this means that we require you

to type in some passphrase as Gaim starts in order to read the

accounts.xml file, and, to be truely secure, require you to type it

again if you write to it. Winicq does something very similar to this if

you set it to its highest security settings. B) Obscure a password.

This means we do something to store the password in some format other

than plain text, but we automatically convert it for you. This is

security by obscurity, and is a VERY Bad Thing(tm) in that it gives

users a false sense of security; a false sense that we (as Gaim

developers) believe would be worse to have than to let informed users

deal with the password issue themselves. (Consider that a naive user

might think that it is safe to share his or her accounts.xml, because

the passwords are "encrypted".) C) Store the password in plain text and

control access to the file. This is what Gaim does: the password is in

accounts.xml in plain text, but the file itself is only readable by its

owner. We allow the user to determine under what conditions sensitive

files should be opened (if at all), and what constitutes a breach of

security (for instance opening the file before you realize what's up

with it), and to react accordingly. ICQ is the only protocol that will

allow the account to be completely taken over by surprise, and that only

because of flaws in the server that allow accounts to be highjacked _at

the server_ w/out the use of a client at all. D) Lastly, you can not

store passwords at all. This is Gaim's default, and by far the most

secure of all of the options.

If you really wanted to, you could write a script to wrap Gaim that

would decrypt accounts.xml and re-encrypt it when Gaim exists. You

wouldn't be able to encrypt it while Gaim is running, because Gaim

writes to accounts.xml for things like info change. This would minimize

your exposure time unless (like me) you run Gaim nearly 24/7.

Personally, I feel that on any decent os (unix), if someone can get to

your files you should either be able to trust the person to not touch

them, or you shouldn't be storing sensitive information there at all.