Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

replace shared_preferences with something suitable for sensitive data #1

Closed
jossef opened this issue Jan 31, 2019 · 7 comments
Closed

replace shared_preferences with something suitable for sensitive data #1

jossef opened this issue Jan 31, 2019 · 7 comments
Labels
help wanted Extra attention is needed

Comments

@jossef
Copy link
Owner

jossef commented Jan 31, 2019

shared_preferences is not the best practice for storing sensitive data. use something else
@ghost
Copy link

ghost commented Sep 25, 2019

I would recomend Flutter Secure Storage for this, though the downside would be: wrapper for emulating and injecting for Android and iOs for tests and other things.

@jossef
Copy link
Owner Author

jossef commented Oct 15, 2019

@RickStanley thanks. Would you like to PR this change?

@jossef jossef added the help wanted Extra attention is needed label Jan 16, 2020
@jossef jossef pinned this issue Jan 16, 2020
@hereabdulla
Copy link

will this helps??
https://pub.dev/packages/encrypted_shared_preferences

@ianmaciel
Copy link
Contributor

I would recomend Flutter Secure Storage for this, though the downside would be: wrapper for emulating and injecting for Android and iOs for tests and other things.

There is a downside: Flutter Secure Storage works only on Android iOS and Linux. Windows, macOS and Web won't be supported.

@ianmaciel ianmaciel mentioned this issue Mar 18, 2021
Closed
@sehnryr sehnryr mentioned this issue Mar 16, 2022
Merged
7 tasks
@sehnryr
Copy link
Collaborator

sehnryr commented Mar 23, 2022

Hive is cross-platform and has strong encryption built in.

Closing because #58 fixes this issue and implements hive via stash_hive.

@sehnryr sehnryr closed this as completed Mar 23, 2022
@sehnryr sehnryr unpinned this issue Mar 23, 2022
@aramperes aramperes mentioned this issue Apr 19, 2022
Closed
@sehnryr sehnryr reopened this Apr 19, 2022
@sehnryr sehnryr pinned this issue Apr 19, 2022
@LightInn
Copy link

LightInn commented Apr 20, 2022
edited

Look like storing sensitive data in cookies is mainly a bad practice.
I think if the devs would like to store sensitive data, it's not a "requests" issue.

@sehnryr
Copy link
Collaborator

sehnryr commented Apr 21, 2022
edited

As @LightIn-death said, it is a bad practice to store sensitive data like passwords, SSN or even credit card numbers in cookies. The possibility where there are sensitive data in the cookie should not concern requests but rather the server that sends you this data.

But there still should be an option to encrypt the data as hive already implements it. #63 will permit that by allowing the end user to chose between using requests out of the box or initializing it with an encryption key.

I've reopened this issue since my previous implementation of stash_hive in #58 did not feature the said encryption by default but it will be fixed with #63.

@sehnryr sehnryr closed this as completed May 6, 2022
@sehnryr sehnryr unpinned this issue May 6, 2022
@sehnryr sehnryr mentioned this issue May 9, 2022
Merged
9 tasks
@sehnryr sehnryr mentioned this issue Jun 3, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jossef @ianmaciel @hereabdulla @LightInn @sehnryr