[prev in list] [next in list] [prev in thread] [next in thread] 

List:       password-store
Subject:    [pass] android?
From:       chris () chrisdown ! name (Chris Down)
Date:       2013-09-21 20:32:26
Message-ID: 20130921203226.GA7220 () chrisdown ! name
[Download RAW message or body]

On 2013-09-21 14:21, David Sklar wrote:
> Does Android have any system-level APIs for credential storage? If nothing
> else, the passphrase could be kept there (with a short expiration time),
> limiting damage if the phone is lost.

Do not store them on the device. Store them off-device, generate a
token, and store the token in AccountManager[0]. Then, if you must,
cache them as appropriate (using getCacheDir[1] or similar).

0: http://developer.android.com/reference/android/accounts/AccountManager.html
1: http://developer.android.com/reference/android/content/Context.html#getCacheDir()
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20130921/c3114ee3/attachment.asc>

[prev in list] [next in list] [prev in thread] [next in thread]