Wireshark-dev: Re: [Wireshark-dev] Passwordlist in Wireshark - User feedback wanted
From: Guy Harris <guy@xxxxxxxxxxxx>
Date: Sun, 16 Jun 2019 12:58:55 -0700
On Jun 16, 2019, at 9:52 AM, Jasper Bongertz <jasper@xxxxxxxxxxxxxx> wrote:

> I have seen at least three occasions where the fact that credentials were that easily accessed with a network analysis tool has resulted in a ban of that exact tool by upper management. In one case this affected a freshly bought license of Clearsight, which immediately after receiving the product ended up in a safe under lock and key, never again to see the light of day.
> 
> It may sound weird but this is one case of the typcail "what they don't know doesn't bother them". If this function is added some people will suddenly realize the potential that they are currently unaware of, so it's quite possible that Wireshark will be banned when it is currently fine to use it (in enterprise network that usually means admins only, anyway).

Would providing this capability as a "third-party" plugin (even if the "third party" happens to be a Wireshark core developer) work?  *Wireshark* doesn't offer it as a built-in capability, but you can drop in a plugin to get it.