Closed filoe closed 7 years ago
Good point. The storage is useful for encrypting and storing sensitive information obtained during the runtime. Password for the store is defined at the compile time. There are various ways to protect it. I use professional edition of Dotfuscator that encrypts strings in the app (including the password for the store.). So the password for the store cannot be retrieved even if someone reverse engineers the App.
What kind of mechanism should be used to store the password for the storage itself? Does not make much sense to store the data of encryped while the key is not secured.