Prevent Seafile from storing passwords


#1

Hey, i’m using seafile-pro-server_6.3.9 and i want do disable that seafile stores a password for a library for 1 hour after logging in. I want that you need to enter the password at any time you access the library.

Pls help me
thanks, Len


#2

I am no developer let alone crypto expert, but I think what you want is impossible.

Unless the server temporarily stores the password, you cannot access data in an encrypted library. How is the data supposed to get decrypted? You would not want to the server to deliver encrypted data to your browser.

Have you ever tried to buy something in a web shop with all cookies disabled? Try it! I won’t work.

More info on the temporary storage of the passwort by the Seafile server here: https://manual.seafile.com/security/security_features.html


#3

Okay Thanks a lot, but does anyone know, where exactly i can find this options ? I dont know what i can do


#4

What option? The time the server stores the password? This is - for the reasons stated above - no parameter in the server settings.

You can certainly change the one hour to less than 1h or even 0 somewhere in the source code. But then you must compile the source code. Do you know how to do this? And what for? Just to realize that encrypted libraries cannot be used in Seahub when the server does not store the password?


#5

what would you suggest to do ?


#6

I can’t help you any more. I don’t even know what you aim at achieving?