I am working on a EDIT: mobile web app which displays some sensitive information

Question

0

Asked: May 22, 20262026-05-22T02:48:29+00:00 2026-05-22T02:48:29+00:00

I am working on a EDIT: mobile web app which displays some sensitive information

0

I am working on a EDIT: mobile web app which displays some sensitive information and requires a login which stores the members username and password in a HTML5 Session. The username and password are currently stored in an un-encrypted state for the reason that we need to use this username and password on each page load to access the clients remote web-service.

EDIT: After a security review our client raised the following concern:

“There is the potential that Session Storage information can get stored on disk (e.g. on a browser crash). For this reason no sensitive information should be stored unencrypted in session storage. User ID’s and session tokens can be stored since session timeouts are implemented however storing of passwords/PINs is not recommended.”

What would be the best/most secure method of encrypting and decrypting sensitive data stored client-side?

Thanks!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-22T02:48:30+00:00

Editorial Team

2026-05-22T02:48:30+00:00Added an answer on May 22, 2026 at 2:48 am

See this HTML5 Web DB Security

client-side encryption libraries
aren’t mature or tested well enough

…but it’s been a year ago, so that could be false already

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am working on a EDIT: mobile web app which displays some sensitive information

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply