Is it safe to pass a password from one activity to another without encrypting it? I will then, once it’s in the next activity, encrypt it and store it. Or should I encrypt it first?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is it safe to pass a password from one activity to another without encrypting it? I will then, once it’s in the next activity, encrypt it and store it. Or should I encrypt it first?
As long as you stay within your own app (not other apps, this is fishier), there shouldn’t be a problem with this. The reason is that your information stays within your process, so others are never seeing it. If you pass an unencrypted password across a process boundary, that’s probably a bad idea. There’s a paper on this [1] that might be worth a read (I don’t think it’s too harsh, even for “real programmers”). In general, as long as you keep data within your app, you should be safe, simply because of the sandboxing that the underlying Linux implementation provides for you.
[1] Analyzing Inter-Application Communication in Android
http://www.sigmobile.org/mobisys/2011/slides/interapp.pdf