Open MoDevby opened 5 years ago
My understanding is that protections in Android itself should be sufficient, and anything added to the app itself are unnecessary.
Does this information alleviate your concerns? If not, can you better describe your use case where a password and encryption are still necessary in the app?
Hi @brarcher, I don't fully agree that Android itself should be sufficient. Encryption wise most people including me never use full disk encryption as it's an overkill and as you mentioned already phased-out.
What matters to me really is not the encryption but the password protection for multiple reasons:
I would not be opposed to having the database be encrypted, using a key from Android's Keystore. It would probably not be something I will get to, though. If someone from the community were interested in contributing the feature, I'd be glad to review the changes.
I really think it's important for the financial information to be protected by a password or some other protection method. Maybe a data encryption option can follow later.