by floatingatoll 2547 days ago
iOS stores app tokens in plaintext, on an encrypted disk.

If your disk is unencrypted, every session token in your browser can be stolen and used to impersonate you, on services such as GitHub, Google, and others.

There are no excuses for using an unencrypted disk for session token storage, whether in-browser or in-application or other.

1 comments

The key part is on an encrypted disk. That makes a big difference.

node-keytar has support for encryption on an unencrypted disk. Lose the password and you're locked out.