Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I know that the PasswordEditField displays asterisks but stores in plain text, and I also know that the Blackberry network is encrypted.
If I am using BIS, do I need to encrypt the value in the PasswordEditField before posting over the Internet to a web service?
If the client states that encryption is required, Can I simply to the encryption/decryption at the backend, but send plain text over the Internet (under the cover of RIM’s encryption)?
If you’re making an HTTP connection to a web service, you need to do your own encryption. BIS can protect communication internally, but eventually it has to go over the open Internet to get to the web service. At that point, the information is vulnerable.
If you connect via HTTPS, then the entire communication channel is encrypted and you don’t need to do any additional encryption.