javascript - How do I save a sensitive access code safely on localstorage (or other DB)? -
i building ionic/ng cordova app want provide access views when user has entered access code correctly.
upon first launch of app, user asked set access code.
how use access code provide access views topic, investigate separately.
for now, concerned how save access code secure on device, such users plug device usb computer cant read code or source code of app.
i thinking write custom function transforms access code encrypted string, example:
function encryptaccesscode(accesscode) { return accesscode.split("").reverse().join(""); }
i worried however, can read source code of app , find function, able decrypt encrypted access code string.
yes, jcubic says, if md5 original access code on first launch , store in localstorage, can compare md5 of code entered each time wish verify access - cryptojs nicely.
if you're worried reading source code, obfuscate it. either use uglifyjs if build process automated or manually using online obfuscator
Comments
Post a Comment