On Sun, Nov 15, 2009 at 1:16 PM, Anders Sahlin <[email protected]> wrote: > I've been working on multiple account support for my Gmail extension, > and reached the point where I need to store user information (username > and password). What is the best way of doing this, while maintaining > some degree of security? Is localStorage safe enough? Should I use > some form of encryption? The tricky part is that all source code will > be visible, and thus the encryption-keys/algorithm as well. I could > use some sort of master-password but it would be best if user > intervention was held to a minimum.
I wouldn't recommend storing the password at all. Instead, you could store the cookie and reset it when necessary to change the active account. Rely on Gmail's "remember me" feature to keep the cookie active. - a -- You received this message because you are subscribed to the Google Groups "Chromium-extensions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/chromium-extensions?hl=.
