On Wed, Apr 8, 2009 at 10:26, Andreas Kostyrka <[email protected]> wrote: > That concern applies also (albeit the abuse potential is somewhat > smaller) if Google Checkout stores the data in their account, their > phone is authenticated to your Google account, and one wonders if these > credentials are stored on the phone too. (Basically, does the phone > keep the password somewhere, or does it keep some intermediate shared > secret that was derived from the password with help of the servers?) >
There is something I miss with google applications : have multiple passwords / rights level (well multiple login roles for my google account). As of now, one single password allows full access to my calendar, docs, photos, mail, account settings .... (including some passwords of other accounts in my mails...). If I want to access, even in read only mode, to some of my data, I have to use (and maybe compromise if I am not on a fully trusted computer) my omnipotent full google credentials... Also I sometimes had to give my password to friend or family for them to go fetch some info while I had no PC, just a simple phone. In such a case I would like less powerfull credentials ! And for example, for autologin in browser / android, login would not be done with full access rights. If you want more (ie change settings, browse some sensitive data -to be configured-), you have to provide other credentials (at least other password... kind of like with "Sudo" in ubuntu). This way, you can have autologin, but not your main password stored in your phone. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Discuss" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-discuss?hl=en -~----------~----~----~----~------~----~------~--~---
