[SailfishDevel] Storing credentials safely in a python+QML app
Andrey Kozhevnikov
coderusinbox at gmail.com
Thu Sep 15 11:46:01 UTC 2016
you should use master password for saving credentials, or ask every time
to enter password and save only login.
------ Исходное сообщение ------
От: "J. Pablo" <elfio at hiperones.es>
Кому: "Sailfish OS Developers mailing list (devel at lists.sailfishos.org)"
<devel at lists.sailfishos.org>
Отправлено: 15.09.2016 16:44:22
Тема: [SailfishDevel] Storing credentials safely in a python+QML app
>Hello sailors!
>
>This is my first email in the list, although I've been reading for a
>while.
>
>I'm designing a simple app that show the user some info about its
>contract with its mobile carrier (pepephone, from Spain).
>
>Their API is pretty simple and you have to login each time with user
>and password and then the servers returns a sessionID.
>
>I'd like to keep username and password safely in the phone. Now, I'm
>aware that obfuscation is not an option, and any other safe method that
>come to my mind needs a master password. I've asked to other dev and he
>use a salt and the IMEI to encrypt it, but you only have to get other
>app into the phone and knowing the algorithm (easly checking the code
>on github) you can get the password.
>
>I wonder if SFOS has some kind of keyring like kde or gnome, or if
>there is no other way than the described above. Any suggestion is
>appreciated :)
>
>Cheers,
>Pablo.
>_______________________________________________
>SailfishOS.org Devel mailing list
>To unsubscribe, please send a mail to
>devel-unsubscribe at lists.sailfishos.org
More information about the Devel
mailing list