Ask a Question

Can you not store plain text passwords in an unencrypted database backup (zip file)?

+2 votes
in Other by (140 points)
edited by
This is a serious security issue. We are talking about Amazon and eBay accounts here.

At least give us an option to not store the password at all.

Whats the point of time limiting it in the app itself where it is, in theory, protected on unrooted devices but then have it exist forever in a plain textfile? At least password protect the zip file pretty sure your lib supports that already.

2 Answers

0 votes
by (230 points)
I just stumbled upon this too - please remove the plain-text password from the backup!!!
0 votes
by (45.6k points)
Sorry for not answering earlier.

If I'm not mistaken, all passwords in the backup are file are encrypted just like in the app. While this won't hold of hackers with a major interest and enough time on their hands, it's about as secure as in the app itself. You should always make sure to keep the backups in a safe location.

That said, I'll consider adding an option to emit the passwords from the backup file but the ToDo list is very long. So no promises, sorry!
Welcome to Deliveries Package Tracker Q&A, where you can ask questions and receive answers from other members of the community.

Categories

Snow Theme by Q2A Market
Powered by Question2Answer
About
Privacy
© 2013-2024 oRRs (Oliver Rennies)
...