[SailfishDevel] Storing credentials safely in a python+QML app

Marcin Mielniczuk marmistrzmar at gmail.com
Thu Sep 15 13:34:58 UTC 2016 

I remember Harmattan uses accounts-qt framework (libaccountsetup0,
libsignon0, etc.) for SSO support. Did Sailfish drop it?

Marcin

On 15.09.2016 15:02, J. Pablo wrote:
> But the master password should be remembered by the user? What's the difference then between this solution and just ask for the proper password each time?
>
> Thanks!
>
> El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov escribió:
>> you should use master password for saving credentials, or ask every time 
>> to enter password and save only login.
>>
>> ------ Исходное сообщение ------
>> От: "J. Pablo" <elfio at hiperones.es>
>> Кому: "Sailfish OS Developers mailing list (devel at lists.sailfishos.org)" 
>> <devel at lists.sailfishos.org>
>> Отправлено: 15.09.2016 16:44:22
>> Тема: [SailfishDevel] Storing credentials safely in a python+QML app
>>
>>> Hello sailors!
>>>
>>> This is my first email in the list, although I've been reading for a 
>>> while.
>>>
>>> I'm designing a simple app that show the user some info about its 
>>> contract with its mobile carrier (pepephone, from Spain).
>>>
>>> Their API is pretty simple and you have to login each time with user 
>>> and password and then the servers returns a sessionID.
>>>
>>> I'd like to keep username and password safely in the phone. Now, I'm 
>>> aware that obfuscation is not an option, and any other safe method that 
>>> come to my mind needs a master password. I've asked to other dev and he 
>>> use a salt and the IMEI to encrypt it, but you only have to get other 
>>> app into the phone and knowing the algorithm (easly checking the code 
>>> on github) you can get the password.
>>>
>>> I wonder if SFOS has some kind of keyring like kde or gnome, or if 
>>> there is no other way than the described above. Any suggestion is 
>>> appreciated :)
>>>
>>> Cheers,
>>> Pablo.
>>> _______________________________________________
>>> SailfishOS.org Devel mailing list
>>> To unsubscribe, please send a mail to 
>>> devel-unsubscribe at lists.sailfishos.org
>> _______________________________________________
>> SailfishOS.org Devel mailing list
>> To unsubscribe, please send a mail to devel-unsubscribe at lists.sailfishos.org
> _______________________________________________
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to devel-unsubscribe at lists.sailfishos.org

More information about the Devel mailing list