Login and account title are kept and synchronized using iCloud as clear text

[amoriello]

This is a design choice.

It is absolutely doable, but I don't consider it for now for performance and usability reasons.

Maybe if I go to a more powerful token platform (e.g: Teensy v3.2), I would consider this.

[amoriello]

Or I can provide an option on generation to encrypt both account title and login (if provided)

This option would be disabled by default, but could be enabled on the "Create Account" ViewController

[amoriello]

Considering a new approach:

Use a new, dedicated key to encrypt login. Trustline-Controller asks the Trustline-token to gives the key on connection (the login key will be protected by the pre-shared comKey).

The login Key will

• reside in Trustline-Controller RAM (won't be permanently stored, even in keychain)
• be stored in Trustline-Token EEPROM

This seems to be a fair trade-off between security (the key is written in Trustline-token only), and usability: Trustline-Controller has this key in RAM, and can use it to decrypt login, so the UI stays responsive. Unlike Passwords, Trustline-Controller does not rely on Trustline-Token to decrypt logins.