How to disable "Remember forever" option in mounting encrypted disks
I was looking for a similar information and came across this question of yours. Actually I was trying to understand how was this "remembered password" stored, and if it was safely stored.
Then I stumbled into @Gilles answer to a similar question in Stack Exchange.
Based on that answer, you can go to "Show applications" -> "Passwords and keys". Your stored password should be found under "Login", and can be deleted.
Under the default configuration in Ubuntu, passwords are stored in the GNOME keyring. This applies to all passwords stored by Nautilus, as well as most other applications including web browsers.
(Let me reiterate: default configuration, most. This can be changed and there are applications that don't support the Gnome keyring.)
You can use the Seahorse GUI program or the
secret-tool
command line utility to view and modify the contents of the keyring.There is some official documentation about Gnome Keyring, including a “security philosophy” and a more concrete security architecture.
Data in memory (“Remember password until you logout”) is present in the memory of the
gnome-keyring-daemon
process, which allows any process running as your user to query it. Gnome-keyring avoids swapping if possible; however, if you have any encrypted storage, you should have encrypted swap, because the programs that manipulate the confidential data could themselves be swapped out.Data on disk (“Remember forever”) is stored in the file
~/.gnome2/keyrings/login.keyring
. It is encrypted with a key that's derived from a password; normally, that's your login password, and Ubuntu is set up to unlock the keyring with your login password. The key is derived from the password with a salted, slow hash but I don't know exactly what the derivation function is.
A few more 18.10 tips in addition to gusbrs answer:
-
if the password list is empty, try going into:
- Menu
- View
- Show Any
LUKS passwords show as: "Encryption Passphrase for <disk name>"