No explanation regarding the security of the SN credentials

johnjones4 / Standard-Notes-Clipper

A browser add-on (Firefox and Chrome) that allows you to clip web pages to your Standard Notes account.

MIT License

124 stars 13 forks source link

No explanation regarding the security of the SN credentials #10

Closed jrabensc closed 4 years ago

jrabensc commented 4 years ago

Currently, the add-on is missing a detailed explanation where and how the SN credentials are being used and saved. I am thinking of Firefox/Google Sync, Multi-User-Systems and so on.

johnjones4 commented 4 years ago

How's this for a message:

Your encrypted login credentials and 2FA code (when applicable) are sent directly to the Standard Notes server at sync.standardnotes.org and never stored locally on this machine. This add-on only stores the authentication token data sent back from the server to make future requests. This add-on also does not store any note data - only editor and tag data.

jrabensc commented 4 years ago

Sounds good to me.