[pass] android?

Chris Down chris at chrisdown.name
Sat Sep 21 22:32:26 CEST 2013


On 2013-09-21 14:21, David Sklar wrote:
> Does Android have any system-level APIs for credential storage? If nothing
> else, the passphrase could be kept there (with a short expiration time),
> limiting damage if the phone is lost.

Do not store them on the device. Store them off-device, generate a
token, and store the token in AccountManager[0]. Then, if you must,
cache them as appropriate (using getCacheDir[1] or similar).

0: http://developer.android.com/reference/android/accounts/AccountManager.html
1: http://developer.android.com/reference/android/content/Context.html#getCacheDir()
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20130921/c3114ee3/attachment.asc>


More information about the Password-Store mailing list