Hi All, EditText handles text input. We can mask the characters by adding the android:password attribute.
We can fetch a copy of the text with getText, and then erase or zeroize the data in the char[] when finished. However, its not clear to me what happens to the EditText's internal data with android:password when the widget is destroyed. Does the EditText behave securely by erasing or zeroizing its internal data? When an application recieves an onPause, I want the EditText to erase or zeroize its internal data (data that I have not yet fetched with getText). Is it possible to instruct the EditText to erase or zeroize its internal data? Or is there another UI control we should be using? Jeff -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
