When connecting via OpenVPN® protocol, you might see the following line in the connection logs of the VPN client software:
WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this
Please note that this is nothing to worry about. It gets displayed for everyone, so there’s nothing wrong with your system.
The warning means that it would be theoretically possible that someone could steal your VPN password if he had access to your (virtual) memory.
That is true, but should a hacker have access to your RAM or page file already, your VPN password is the last thing you should worry about.
When connecting with *.ovpn files, you can just add the line “auth-nocache” to the config file of the server you want to connect to;
then the warning does not appear anymore. This is not possible with the HMA VPN client at the moment, but as mentioned:
Enforcing this option does not really improve your security, and it does not close security leaks.