by eduardordm 4460 days ago
In my company we have an application that stores an API key in its local storage. This API key is generated by the client app when it's first run and it's individual. If it gets stolen, only that client will have its security compromised. That happened to us a couple of times, always on rooted Android phones with pirated software installed.

I'm a heavy AWS user but not too familiar with S3 keys. Couldn't the keys be generated and isolated per user?

1 comments

Yes. You can request temporary credentials for the S3 service. However, the only secure way to do it is on the server side, not on the client.
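
An added example, not part of the thread: one way a backend could mint per-user temporary S3 credentials with STS `AssumeRole` and a session policy, so a stolen key exposes only that user's prefix until it expires. The bucket layout (`users/<id>/`), the function names and the role ARN are assumptions; `sts` is a boto3 STS client created on the server.

```python
import json
import re

# Assumption: user ids are short opaque tokens. Anything else is rejected so
# IAM wildcards (* ?) or policy variables (${...}) cannot widen the prefix.
# 59 chars keeps "user-<id>" within the 64-char RoleSessionName limit.
USER_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,59}$")


def build_session_policy(bucket: str, user_id: str) -> dict:
    """Session policy limiting the credentials to users/<user_id>/ in one bucket."""
    if not USER_ID_RE.fullmatch(user_id):
        raise ValueError("invalid user id")
    prefix = f"users/{user_id}/"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject"],
                "Resource": f"arn:aws:s3:::{bucket}/{prefix}*",
            },
            {
                "Effect": "Allow",
                "Action": "s3:ListBucket",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringLike": {"s3:prefix": f"{prefix}*"}},
            },
        ],
    }


def issue_user_credentials(sts, role_arn: str, bucket: str, user_id: str) -> dict:
    """Run on the server after authenticating the user; returns short-lived keys."""
    policy = build_session_policy(bucket, user_id)
    resp = sts.assume_role(
        RoleArn=role_arn,
        RoleSessionName=f"user-{user_id}",
        Policy=json.dumps(policy),  # effective rights = role policy AND this policy
        DurationSeconds=900,  # 15 minutes, the shortest lifetime STS accepts
    )
    # Contains AccessKeyId, SecretAccessKey, SessionToken, Expiration.
    return resp["Credentials"]
```

The long-lived credentials that are allowed to assume the role stay on the server; the client only ever receives the expiring triple returned here.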