[missing-sync-pocketpc-talk] Bug: Password not stored in Keychain

[Olivier Scherler]

> This need to log on each time you connect is no different to
> Activesync on PC - if the device PocketPC has a password then it will
> prompt you each time you connect regardless of what you do on the PC
> end - It's call security. Remember you can connect a PocketPC to any
> system (with Activesync on) and log on as a guest and see/download
> everything on the device - a password stop this access. Personally
> think keychain, which a nice idea for some passwords, is dangerous
> because it generates an open door. Microsoft were sensible here not
> wishing for unauthorised users to have easy to access the device,
> they also assummed people could at least remember a simple password.

I think I'm able (and the only one competent) to tell whether using the keychain
is dangerous for me. I don't need Microsoft to tell me which passwords I can
store and which ones I can't. My IT department can make recommendations for my
work machine, but I'm the only master of my home Mac. If someone wants to break
into my house to crack my keychain file, let him come, I don't think reading my
email is worth getting acquainted with my dog's fangs. 

Moreover, I don't reckon anyone using computers and the Internet these days has
only one password to remember. Mac login, Pocket PC, email, .Mac account... And
if they use the same password everywhere, they might just as well use the
Keychain.

All of this to say keychain support in TMS is a good thing in my opinion. OK,
the strength of TMS is to be as PC/ActiveSync-like as possible from the Pocket
PC's point of view, but also as Mac-like as possible from the user's point of
view.

Olivier