Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
226 views
in Technique[技术] by (71.8m points)

javascript - HTML5 Client Side Data Encryption - What are my options?

I am working on a EDIT: mobile web app which displays some sensitive information and requires a login which stores the members username and password in a HTML5 Session. The username and password are currently stored in an un-encrypted state for the reason that we need to use this username and password on each page load to access the clients remote web-service.

EDIT: After a security review our client raised the following concern:

"There is the potential that Session Storage information can get stored on disk (e.g. on a browser crash). For this reason no sensitive information should be stored unencrypted in session storage. User ID’s and session tokens can be stored since session timeouts are implemented however storing of passwords/PINs is not recommended."

What would be the best/most secure method of encrypting and decrypting sensitive data stored client-side?

Thanks!

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Hi instead of storing the username and password, can you not create some sort of "session" with the remote server and instead transmit an authentication token?

Storing a username and password anywhere in the client side gives me the shivers.

Perhaps of looking for ways of storing the username / password safely, look for ways of removing the need to store it at all.

However of course I'm saying this without knowing the full background... I'm guessing there is a good reason to need to store the username / password.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...