Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection string stored in plaintext #58

Closed
daygr opened this issue Nov 18, 2019 · 2 comments
Closed

Connection string stored in plaintext #58

daygr opened this issue Nov 18, 2019 · 2 comments
Labels
bug Something isn't working

Comments

@daygr
Copy link

daygr commented Nov 18, 2019

Synopsis

The file /data/data/info.varden.hauk/shared_prefs/connectionPrefs.xml is where the Hauk app stores connection details, however this file currently just writes whatever connection information is provided to the app into plaintext. The connection details, particularly username/password, should be stored via the android keystore provider if it is available on the system, so that connection details are private to the Hauk app.

Expected Behavior

The credentials entered into the application are not in plaintext in the data files.

Actual Behavior

Connection user/password are stored in plaintext in the previously mentioned file.

System Details

Device: ONEPLUS A3000
OS: LineageOS v14.1 (Android 7.1.2)
@bilde2910
Copy link
Owner

I will look into this and see if I can use the keystore properly. It is indeed less than ideal to store these credentials in plain text.

@bilde2910 bilde2910 added the bug Something isn't working label Nov 20, 2019
@bilde2910
Copy link
Owner

This will be live in v1.5.

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bilde2910 @daygr