ForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 6 months agoSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comexternal-linkmessage-square258fedilinkarrow-up1513arrow-down130cross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldtechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.oneprivacy@lemmy.ca
arrow-up1483arrow-down1external-linkSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 6 months agomessage-square258fedilinkcross-posted to: cybersecurity@sh.itjust.worksprivacy@lemmy.worldtechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.oneprivacy@lemmy.ca
minus-squarex1gma@lemmy.worldlinkfedilinkarrow-up3arrow-down4·edit-26 months agoYes, in your head, and in your second factor, if possible, keeping derived secrets always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.
Yes, in your head, and in your second factor, if possible, keeping derived secrets always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.