Recently I have started to use the GNOME keyring application to store information such as passwords (along with logins) so that I don't have to remember it. Mostly these are passwords to Internet services, such as websites. It all works well, but I am wondering what kind of protection does the keyring offer me?
As I understand it is a file that is part of my local storage. Interestingly enough, when I start up the keyring application, it doesn't ask me for a password. My worry is that the keyring file, if stolen, will grant the thief all my passwords stored in the keyring, on a silver platter. Is that so? I was thinking that the file was encrypted with the password I specified. My keyring password IS NOT the same as my login password, mind you.
Can it be that the keyring application does not ask me for my password because the daemon remember the password or keeps the decrypted file in memory?