LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Password storage on Android devices

Password storage on Android devices

Posted Aug 4, 2011 13:56 UTC (Thu) by neufeld (subscriber, #9124)
Parent article: Password storage on Android devices

Perhaps, for the truly security-obsessed, the solution is to enforce an actual physical separation. Passwords aren't stored on the phone, but on a small bluetooth dongle that you keep in another pocket. When the phone needs a password, it queries the dongle for it, and never stores it locally. Phone continues to be useful to the owner, but now the pickpocket needs to grab a second object at the same time if he wants to make use of the passwords stored on it.

(Log in to post comments)

Password storage on Android devices

Posted Aug 4, 2011 16:40 UTC (Thu) by raven667 (subscriber, #5198) [Link]

Bluetooth might have two much range, maybe some sort of PAN so you have to be touching the phone. Any of these kind of solutions could have real problems with attackers who are physically near the victim, or whole-sale compromise by installing the right radios in a crowded area or even on a well-used stairwell railing or similar.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds