
Key: IDEABKL-5292
Type: Bug
Status: Open
Priority: Normal
Assignee: Dmitry Jemerov
Reporter: Keith Lea
Votes: 0
Watchers: 1
IDEA: Backlog

Perforce password is passed to p4 on command line

Created: 13 Sep 07 04:31   Updated: 02 Oct 07 23:18
Component/s: Version Control Integration. Perforce
Affects Version/s: None
Fix Version/s: None

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown
Environment: Ubuntu Linux

Build: 6,148
Severity: Extreme


Description
Seen on a command line:
p4 -p perforce:1666 -c myclient -u myusername -P REAL_PASSWORD fstat /usr/local/dev/whatever.file

This is a pretty serious security problem. I'll look into it myself later on.



Dmitry Jemerov - 28 Sep 07 20:59
Use the "Use login authentication" mode if you consider this a security problem. This may be possible to work around by passing p4 parameters via some kind of response file, but "Use login authentication" looks like a better solution to me.

Keith Lea - 02 Oct 07 00:37
We would prefer a password file, which of course would be perfectly secure... we don't use p4 login here and educating (read: spamming) all of our IDEA users about it is not practical.

Dmitry Jemerov - 02 Oct 07 09:16
Patches are welcome, although I still don't see why invent some workarounds rather than use the solution which was specifically designed for this problem.

Keith Lea - 02 Oct 07 23:18
You're lucky, we just upgraded to a version of p4 that fixes the p4tickets expiration problem, so telling people to use p4 login is an option now. I'm not sure whether we'll do that or patch the plugin.

This bug remains a serious security problem for anyone using the plugin. Why would a company even bother issuing Perforce passwords if they will be shown in plaintext to anyone using "ps" or "top"? Why not just use the honor system? The P4PASSWD env variable would be a secure way to set the password for perforce operations.
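
Added example, not part of the issue thread or the plugin's code: a Linux-side audit that reads /proc/<pid>/cmdline the way "ps" does and flags p4 processes started with a global -P password, redacting the value before reporting. The option table, the function names and the sample byte strings are constructed for this example; the first sample is the command line from the description.

```python
import os

# p4 global options that take a separate value (assumed subset for this example).
VALUE_OPTS = {"-c", "-C", "-d", "-H", "-p", "-P", "-u", "-x", "-z"}

def audit_cmdline(raw: bytes):
    """Parse a NUL-separated /proc/<pid>/cmdline blob.

    Returns (exposed, redacted_argv); exposed is True when a p4 global -P
    option places a password in argv, which ps and top display.
    """
    argv = [a.decode("utf-8", "replace") for a in raw.split(b"\0") if a]
    if not argv or os.path.basename(argv[0]) != "p4":
        return False, argv
    i = 1
    while i < len(argv) and argv[i].startswith("-"):
        opt = argv[i]
        if opt == "-P" and i + 1 < len(argv):      # separate form: -P secret
            argv[i + 1] = "<redacted>"
            return True, argv
        if opt.startswith("-P") and len(opt) > 2:  # attached form: -Psecret
            argv[i] = "-P<redacted>"
            return True, argv
        i += 2 if opt in VALUE_OPTS else 1
    return False, argv  # reached the subcommand without a global -P

def scan_proc(proc_root="/proc"):
    """Yield (pid, redacted_argv) for exposed p4 processes on a Linux host."""
    for pid in filter(str.isdigit, os.listdir(proc_root)):
        try:
            with open(os.path.join(proc_root, pid, "cmdline"), "rb") as fh:
                exposed, argv = audit_cmdline(fh.read())
        except OSError:
            continue  # process exited or is not readable
        if exposed:
            yield int(pid), argv

# Constructed samples: the command line from the report, and one without -P.
BAD = (b"p4\0-p\0perforce:1666\0-c\0myclient\0-u\0myusername\0"
       b"-P\0REAL_PASSWORD\0fstat\0/usr/local/dev/whatever.file\0")
GOOD = (b"p4\0-p\0perforce:1666\0-c\0myclient\0-u\0myusername\0"
        b"fstat\0/usr/local/dev/whatever.file\0")

if __name__ == "__main__":
    print(audit_cmdline(BAD))
    print(audit_cmdline(GOOD))
    for pid, argv in scan_proc():
        print(pid, " ".join(argv))
```

Run periodically on a shared development host, scan_proc() shows which users are still launching p4 with the password in argv after a switch to login authentication.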