Stored website passwords are in clear text protected only by process linux file system permissions, so accessable to anyone in possesion of your device long enough to root it. Obfuscating them wouldn't be very secure as the source code of the browser and underlying engines is available.
On Sep 2, 7:49 am, JWJu <[email protected]> wrote: > How are security credentials/passwords stored on android phones? Are > they encrypted or in other way secured in case of i.e. theft? > > For example, if my telephone gets stolen, would it be possible to > easily get access to stored browser passwords, my google password, app > passwords (e.g. login to cloud services) > > Are these in some way encrypted and tied to PIN, unlock code or other > are they completely "in the open"? Is it up to the individual app > developer to securely store credentials/passwords/data (if possible) > or does it exist a security framework in Android? > > Thanks for any insight, from someone new to Android! -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
