I'm doing an application in ionic and i need to use session to maintain data. I use localStorage but i want to know is it safe for sensitive data?Is there a way encrypt the data or other way to make it safe?Or is there another way to make session in an ionic application?
Is the data used in session with localStorage in ionic application safe?
283 views Asked by Claudiu At
1
There are 1 answers
Related Questions in SECURITY
- HTTPS configuration in Spring Boot, server returning timeout
- HSM ZKA control mask values
- OWASP Amass Subcommands
- Is there a need for BPF Linux namespace?
- Error when trying to execute a binary compiled in a Kali Linux machine on an Ubuntu system
- When sanitize/encode while implementing tags system like on SO
- spring security version in spring-boot-starter-security
- I am currently trying to implement a rudimentary firewall from a video I watched but the nimda worm detection is not working and i do not know why?
- Is it possible for `sudo` to fail temporarily with the correct password? Hacking suspected
- Is it viable proxying all my mobile apps requests, to some kind knowing that a request is coming from a secure source
- What abilities should I concentrate on while bug hunting, and how can I improve the quality of my bug bounty reports?
- System.ArgumentOutOfRangeException: I passed this error in every single program
- How to prevent users from creating custom client apps?
- Does server-side content security policy exist for youtube video player API, app, mod apks and website?
- Can we pass a hostname/IP address as a query string in a GET request in REST API
Related Questions in SESSION
- Multiple Processes, Multiple Processors, Single Priority Queue - Java Thread-Safe and Concurrency -
- Securing routes with sessionStorage in NextJS
- Cant handle Session's cookie when Safari/iOS
- Quart_Sessions Redis deletes keys and create backups instead
- I cannot get ID from session in GET method in Next.js 14
- I am new to flutter, just trying to set and get logged in user's session but maybe I am missing something
- I'm going nuts with Heroku session management issues
- Have a problem with get session in nextjs
- Session custom property getting undefined when calling Node js API from Javascript fetch
- Best Approach for Preserving User Input Across Blazor Pages in ASP.NET Core Application with User-Specific Data Storage
- spring security + form login + redis session storage -> keep coming out anonymous User
- Check user login in backend
- Next.js Middleware for Session Authentication Redirects: Errors Encountered
- Ansible prompt "No existing session" in manual executing the playbook
- Running a program on different computers with different users that access a central database simultaneously - VB.NET XAMPP/MySQL
Related Questions in IONIC-FRAMEWORK
- Firebase link existing user to anonymous account?
- Ionic Angular Standalone ion-icon are not showing at all
- Unable to run ionic app on Android emulator - [error] ADBs is unresponsive after 5000ms
- How should I filter Observables the "Right Way" with RxJs in Angular 17?
- Ionic/Capacitor: Background Location Tracking on iOS and Android?
- Best Approach for Implementing Video Selection from Gallery/Files in Ionic-React with Capacitor
- <video> tag with downloaded path in ionic ios not loads the video
- How do I record that this ionic checkbox has been checked by the user?
- Ionic 5 angular sharing a component between two modules
- mergeDebugResources FAILED
- Issue saving generated image to local filesystem in iOS using Capacitor
- Detect clickable areas within <img> tag in Ionic project
- Whitelisting Ionic app in Salesforce Org for CORS/CSP
- How to Polyfill node core modules in webpack 5 using ionic capacitor angular
- I'm developing an Android, but I can't see my "console.log" in logcat
Related Questions in THREAD-LOCAL-STORAGE
- how to get system register tpidr_el0 in gdb for the aarch64
- ERROR_MOD_NOT_FOUND and __thread in DLLs
- TLS callbacks implement not functioning
- gcc __thread local variables post fork() in a multi-threaded program
- Rust: How to solve "one type is more general than the other" error when using thread local OnceCell?
- thread_local strange inlining
- Counting threads using thread_local
- Capturing a `thread_local` in a lambda
- Enforcing row level permission in Django Models
- Global Thread-local Storage feasibility and best Practices in Go
- localStorage | Checking if a value exists before setting it
- Thread local storage define in assembly
- Is it better to use multiple pthread keys or a single pthread key
- ThreadPool, Function local variables and Thread local storage
- Windows thread local storage bug
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
I wanted to see your answer about what you call "sensitive information", before creating this answer, and now that I know it, Why would you want to keep information like the password in the local storage? First of all, you should not know your user's passwords at all, you should just save a hash of your user's password in your database and only that. Your cookies, local storage and all those client-side storage mechanisms are just for user preferences, session tokens and stuff like that, and it should never be used to store sensitive information, since that information can be modified by the user or even worse, it might be readed by an attacker.
I know that your question is about a safe way to store this information in the client side, but the answer here is that you should not be doing that at all. Yes, you could do something like encrypting the information (and only decrypting in your server, since to do it in the client side, you'll need the key and again, the key can be readed by an active attacker and then he'll be able to decrypt the information), but information like that has no reason to be stored in the client side, if you're doing it for authentication purposes, then you should be using sessions and cookies.
Maybe I got it wrong and you're doing it for a particular reason, and if it's like that, feel free to tell me that reason, so we can find a different solution, because I'm 100% sure that you don't really need to store information like the password.