×

Discussion Board

Results 1 to 4 of 4
  1. #1
    Registered User
    Join Date
    Apr 2008
    Posts
    30

    Password Caching?

    I have a general question that seems way too technical for the "General" board. Hopefully this is a good place to ask...

    How does the modern Symbian OS (9.1 or newer) handle password caching? I've seen a number of clients (usually network-based programs) that prompt for a password each and every time they're started, which is a great annoyance. I'd assumed Symbian did not provide any built-in options for storing passwords. But now, one by one, this option is now appearing in these clients. Has something changed in Symbian? Could it be a function of the programming language (C++ vs. Java)? Or are the developers of these clients "cheating"? Would someone explain this, or at least make a good guess? (The clients I'm talking about are commercial programs, else I'd provide a download link...)

    Thanks!

  2. #2
    Super Contributor
    Join Date
    May 2003
    Location
    Vancouver, Canada
    Posts
    985

    Re: Password Caching?

    As far as I know, there is no specific feature for password-storage on Symbian OS. The SDKs do provide general cryptography libraries. Developers can use them to do password management.

    For example, they can store the hash value of the password in a file. During authentication, only the hash value is sent to the server.

    There are also applications that store the password "as is" (no hash) in the protected folder (c:\private\<SID>). This is *not* recommended because some hackers out there are able to read the protected folder these days.
    Antony Pranata
    http://www.antonypranata.com/
    http://www.s60tips.com/

  3. #3
    Registered User
    Join Date
    Apr 2008
    Posts
    30

    Re: Password Caching?

    That's what I wanted to know! So Symbian hasn't changed...these companies are writing their own password routines today, when they had previously opted against this. I've been wanting to hack one of our Nokia devices, to better see how the OS works...and at the same time could then confirm c:\private\<SID> is being used securely. (I expect these programmers aren't that dumb. ) Thanks again!

  4. #4
    Super Contributor
    Join Date
    May 2003
    Location
    Vancouver, Canada
    Posts
    985

    Re: Password Caching?

    The private folder (\private\<SID>) was secure until recently. A couple of months ago, someone has managed to "read" it by exploiting security hole from AppTRK.
    Antony Pranata
    http://www.antonypranata.com/
    http://www.s60tips.com/

Similar Threads

  1. Replies: 2
    Last Post: 2007-12-21, 17:07
  2. Settings Listbox - Problem with Password item
    By ashbhatia in forum Symbian User Interface
    Replies: 3
    Last Post: 2007-12-06, 14:27
  3. User Password Settings - Need help ...
    By cbrueckner in forum Symbian User Interface
    Replies: 2
    Last Post: 2007-01-03, 04:22
  4. Problem in setting Password
    By SachinKumar in forum Symbian
    Replies: 0
    Last Post: 2005-06-21, 14:38
  5. Settings Listbox - Problem with Password item
    By ashbhatia in forum Symbian
    Replies: 1
    Last Post: 2002-12-11, 10:14

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×