The frontend should not store sensitive data, like passwords, in the global state or local storage (at least unencrypted).
There are two passwords:
wallet password
Monero URL password(s)
The firs thought is not to store passwords anywhere, and ask the user to enter the password whenever the container starts. However, it doesn't seems to solve two issues:
a) scheduling
b) Monero passwords (there can be multiple passwords eventually, and they are seems not to be rememberable to the user like the wallet password)
IDEA 1:
The user enters the passphrase decrypting the local file with passwords. (AES/RSA encryption + user passphrase)
tarnas14
commented
2 years ago
The frontend should not store sensitive data, like passwords, in the global state or local storage (at least unencrypted).
There are two passwords:
The firs thought is not to store passwords anywhere, and ask the user to enter the password whenever the container starts. However, it doesn't seems to solve two issues:
a) scheduling b) Monero passwords (there can be multiple passwords eventually, and they are seems not to be rememberable to the user like the wallet password)
IDEA 1: The user enters the passphrase decrypting the local file with passwords. (AES/RSA encryption + user passphrase)