t4g / smswiss-gcimport

Automatically exported from code.google.com/p/smswiss
1 stars 0 forks source link

User data are stored without encryption #31

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Username / phone number and password are stored without encryption!!!
I don't provide further details to avoid making access to these data easier 
than it already is.
It is quite hazardous if you consider that most people use the same password 
for everything.

What version of the product are you using? On what operating system?
SMSwiss 1.0.6 - OSX Lion

Original issue reported on code.google.com by l...@dr.com on 11 Aug 2011 at 8:40

GoogleCodeExporter commented 8 years ago
Dear Luca,

you are right user data are stored without encryption.
But unfortunately we need to send username and password to the SMS gateways in 
clear text.
Therefore there is no big benefit in encrypting stored passwords as they need 
to be decrypted at any widget launch.
But you are welcome to participate to the project and add this nice feature if 
you like. 

Best regards
Elia

Original comment by elia.pa...@gmail.com on 11 Aug 2011 at 10:19