Client Login - how to store credentials securely o

2019-03-15 04:15发布

问题:

As many APIs provides access remotely to their data through the user/password combination, I was wondering wich was the best way to store those value, highly secure way (even if 100% is impossible), in order to connect them directly without asking everytime for those.

回答1:

I recommend one of three approaches:

  • Avoid storing the password at all by using authentication tokens. In this model, the user logs in one time, and the server generates a unique, large, sparse token that the client can store and use as its login "password." The server only accepts this token from one client at a time, so if two clients try to use it simultaneously, the token is invalidated. The token is also generally invalidated after a period of time (1 week, 2 weeks, a year, whatever is appropriate). When the token is invalidated, the user must log in again by hand and the process is repeated. This is basically the approach of Gmail and similar web site logins.

  • If you must store the password, I recommend relying on the OS to manage it for you. Windows and Mac both have good secure storage systems (DPAPI and Keychain respectively). Linux doesn't have a good always-available solution, though, so it depends on your market. The advantage of using the OS is that the OS can provide protections you can't easily provide yourself, and the user can centrally manage the overall protection of the OS storage (using smartcards, etc.) to a level you are unlikely to reproduce. The OS secure stores are also typically quite convenient for the user.

  • If neither of these are options, then store an encrypted file with a master password that the user must enter every time they launch your app. This is how Firefox works (or at least it did last time I looked, which has been a while). This is reasonably secure, but much less convenient for the user (and low convenience often means low adoption by the users, or poor use through simpler passwords, etc). I would investigate the Firefox code as an example of how to implement this.



回答2:

The best way would be to rely on someone else to store them and to trust that party instead. But if you must have control I'd suggest reading a good book on secure systems and then thinking again. There are many many variables to consider and most of the time you just mitigate the risk vs cost.



回答3:

KeePass provides even an API to use for developers.