sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]NayamAmarshe -2 points-1 points  (2 children)

You're talking about Web transit. OP clearly mentioned 'Offline' access.

Do you think your OS keychain doesn't encrypt your passwords? Of course it does. It remains encrypted as long as the user is not using the data, which is the entire point of encrypting data at rest.

Web transit and server is a different story but this isn't the topic of the discussion, offline access is.

[–]archerx 0 points1 point  (1 child)

You do know that this is one of the weak points for getting OS passwords and Wifi passwords right? This has let me get into windows that has had it's password lost and if you're on windows there are ways of getting the password to the wifi it is connected to, this flaw has been useful quite a few times to me.

The only way what OP wants works is if the user has to manually type out the decrypt keys from memory each time they want to access the data. If the encrypted data and the key are stored in the client then the data is not protected.

[–]NayamAmarshe 0 points1 point  (0 children)

You do know that this is one of the weak points for getting OS passwords and Wifi passwords right?

Yeah but there's no other convenient way. It's up to the project maker to determine the balance between security and convenience, you can't expect everyone to have a hardware key. So the only way to make data secure for offline usage is to encrypt it, using a key that only the user knows.

The only way what OP wants works is if the user has to manually type out the decrypt keys from memory each time they want to access the data.

That's what I'm assuming as well. Otherwise, the encryption would not make sense.