user wrote:the main issue is a non admin ( or other ) user accessing the pass.dat file locally, and then decoding the password. Often users ( admins ) use the same user/pass for everything, so by getting this via the pass.dat, it could lead to other compromise that may use the same use/pass combo.
In the solution in Yawcam the webcam owner will still have to type in the password for every user. There is no way a user himself can select a password in a secure way. This issue is also something that speaks against that the user should re-use an old password. Never use the same password that you already use some other place! (Especially not in Yawcam )