Hi,
I want to save username and password of the person, so that it's populated automatically when the user opens the app. This is similar to how appery tester app behaves.
One solution I found is to save username & password in localstorage variables and read from them. But I don't think it's a secure way. How has the appery tester app implemented this?
Thanks,
Rahul.
There is no safe way to save the password on the client when building a mobile web app (the tester is a hybrid app). As you said, local storage is not secure.
Rahul, you could always use javascript 64 bit encoding before storing locally and then decode it when you need to use it.
To encode a string use: value = window.btoa(value);
To decode a string use: value = window.atob(value);
Hi Rahul,
Encryption will not fully protect data as decryption method is simple and well known.
It should be noted though that each application using localStorage uses private storage. That is, data do not overlap between the applications - it's impossible to read other people's localStorage data from another application.
localStorage is stored in the application data space and other programs don't have direct access to them.
Any updated thoughts on this topic? I like the convenience for the user to remember the pw, but want to be relatively secure, too. Based on Max's answer it seem a mobile web app (local storage) is not secure. But he implies (I think) that a hybrid app (with local storage) is secure?
Kateryna's answer seems like local storage is a little more secure.
Before I beta test my mobile web app, I'd like more comfort I'm not exposing my beta clients to a un-secure situation.
Recommendations?
Hi Gino,
Keeping password anywhere is not secure.
Please look here for creation "Remember Me" mechanism
How does appery store the password in the database? I have to move my database and need to get them out of the users database into my database.
Hello Ed,
Appery.io doesn't store users' passwords. It keeps only their hashes, so it is impossible to get them.