• Post Reply Bookmark Topic Watch Topic
  • New Topic

Suggestions on storing mail passwords safely  RSS feed

Karthik Shiraly
Posts: 1210
Android C++ Java Linux PHP Python
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

A distributable desktop app that uses javamail has to store email account usernames and passwords, so that user doesn't have to login every time (similar to typical email clients like thunderbird and outlook).
What's a good way to store these credentials on user machines?
I'm thinking of using PKI keypair, with a private key generated on installation. But this just shifts the problem to - where to store this private key so that a malicious program can't access it. Probably I should store it in a keystore.

Or should I use something different, like OAuth?

Any suggestions? Or any idea how typical email clients store passwords?

With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!