Skip to content
This repository has been archived by the owner on Apr 6, 2021. It is now read-only.

Secrets should be stored in a java.security.KeyStore #157

Closed
ThomasHabets opened this issue Oct 10, 2014 · 3 comments
Closed

Secrets should be stored in a java.security.KeyStore #157

ThomasHabets opened this issue Oct 10, 2014 · 3 comments
Labels
enhancement Priority-Medium

Comments

@ThomasHabets
Copy link
Contributor

Original issue 158 created by [email protected] on 2012-03-28T23:27:19.000Z:

Instead of storing the secrets in the SQLite database, the SQLite database should store the alias of the SecretKey in a java.security.KeyStore. This will allow migration to more secure methods of storage in the future.

Note that you'll have to use a JCEKS instead of the default JKS.
@ThomasHabets
Copy link
Contributor Author

Comment #1 originally posted by [email protected] on 2012-10-23T14:16:19.000Z:

We might get back to this once there are more secure KeyStores on Android.

@Manouchehri
Copy link

Any update on this? I've got a Lollipop device that has no room to install on the internal storage, and can't encrypt the SD card.

@ThomasHabets ThomasHabets mentioned this issue Jul 12, 2016
Open
@ThomasHabets
Copy link
Contributor Author

No update, aside from that I'm moving this to the android repo.

google/google-authenticator-android#48

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement Priority-Medium
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ThomasHabets @Manouchehri