[SailfishDevel] Storing credentials safely in a python+QML app
Marcin Mielniczuk
marmistrzmar at gmail.com
Thu Sep 15 13:34:58 UTC 2016
I remember Harmattan uses accounts-qt framework (libaccountsetup0,
libsignon0, etc.) for SSO support. Did Sailfish drop it?
Marcin
On 15.09.2016 15:02, J. Pablo wrote:
> But the master password should be remembered by the user? What's the difference then between this solution and just ask for the proper password each time?
>
> Thanks!
>
> El jueves, 15 de septiembre de 2016 11:46:01 (CEST) Andrey Kozhevnikov escribió:
>> you should use master password for saving credentials, or ask every time
>> to enter password and save only login.
>>
>> ------ Исходное сообщение ------
>> От: "J. Pablo" <elfio at hiperones.es>
>> Кому: "Sailfish OS Developers mailing list (devel at lists.sailfishos.org)"
>> <devel at lists.sailfishos.org>
>> Отправлено: 15.09.2016 16:44:22
>> Тема: [SailfishDevel] Storing credentials safely in a python+QML app
>>
>>> Hello sailors!
>>>
>>> This is my first email in the list, although I've been reading for a
>>> while.
>>>
>>> I'm designing a simple app that show the user some info about its
>>> contract with its mobile carrier (pepephone, from Spain).
>>>
>>> Their API is pretty simple and you have to login each time with user
>>> and password and then the servers returns a sessionID.
>>>
>>> I'd like to keep username and password safely in the phone. Now, I'm
>>> aware that obfuscation is not an option, and any other safe method that
>>> come to my mind needs a master password. I've asked to other dev and he
>>> use a salt and the IMEI to encrypt it, but you only have to get other
>>> app into the phone and knowing the algorithm (easly checking the code
>>> on github) you can get the password.
>>>
>>> I wonder if SFOS has some kind of keyring like kde or gnome, or if
>>> there is no other way than the described above. Any suggestion is
>>> appreciated :)
>>>
>>> Cheers,
>>> Pablo.
>>> _______________________________________________
>>> SailfishOS.org Devel mailing list
>>> To unsubscribe, please send a mail to
>>> devel-unsubscribe at lists.sailfishos.org
>> _______________________________________________
>> SailfishOS.org Devel mailing list
>> To unsubscribe, please send a mail to devel-unsubscribe at lists.sailfishos.org
> _______________________________________________
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to devel-unsubscribe at lists.sailfishos.org
More information about the Devel
mailing list