Client Login - how to store credentials securely on client side?


Problem description

As many APIs provide access remotely to their data through the user/password combination, I was wondering which was the best way to store those values in a highly secure way (even if 100% is impossible), in order to connect to them directly without asking every time for those.

Recommended answer

I recommend one of three approaches:


  • 避免使用认证令牌在所有存储的密码。在这种模式下,在一次用户登录,服务器生成一个唯一的,大的,疏令牌,客户端可以存储和作为其登录用口令。服务器只接受一个客户端的时间由此看来,所以如果两个客户端尝试同时使用它,令牌无效。令牌还通常在一段时间内(1周,2周,一年,无论为宜)后失效。当令牌无效,则用户必须用手重新登录,并重复该过程。这基本上是Gmail和类似的网站登录的方法。

  • Avoid storing the password at all by using authentication tokens. In this model, the user logs in one time, and the server generates a unique, large, sparse token that the client can store and use as its login "password." The server only accepts this token from one client at a time, so if two clients try to use it simultaneously, the token is invalidated. The token is also generally invalidated after a period of time (1 week, 2 weeks, a year, whatever is appropriate). When the token is invalidated, the user must log in again by hand and the process is repeated. This is basically the approach of Gmail and similar web site logins.

If you must store the password, I recommend relying on the OS to manage it for you. Windows and Mac both have good secure storage systems (DPAPI and Keychain respectively). Linux doesn't have a good always-available solution, though, so it depends on your market. The advantage of using the OS is that the OS can provide protections you can't easily provide yourself, and the user can centrally manage the overall protection of the OS storage (using smartcards, etc.) to a level you are unlikely to reproduce. The OS secure stores are also typically quite convenient for the user.

If neither of these are options, then store an encrypted file with a master password that the user must enter every time they launch your app. This is how Firefox works (or at least it did last time I looked, which has been a while). This is reasonably secure, but much less convenient for the user (and low convenience often means low adoption by the users, or poor use through simpler passwords, etc). I would investigate the Firefox code as an example of how to implement this.
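The following is an added illustration of the first approach in the answer above (the token model); it is example code written for this page, not code from the answer's author or from any of the products mentioned. It assumes an in-memory server-side store, a SHA-256 hash of the token as the lookup key (so a leaked server table does not leak usable tokens), a client identifier supplied by the client (the `client_id` parameter is a hypothetical name), and an injectable clock so expiry can be tested without waiting. The client keeps only the opaque token, never the password, and the server enforces the two invalidation rules the answer describes: a second client presenting the same token kills it, and the token dies after its lifetime.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# One of the lifetimes mentioned in the answer; adjust to what is appropriate.
TOKEN_TTL_SECONDS = 14 * 24 * 3600  # two weeks


@dataclass
class TokenRecord:
    user: str
    issued_at: float
    expires_at: float
    bound_client: Optional[str] = None  # client id that first presented the token


class TokenService:
    """Server-side issuance and validation of login tokens.

    Only the SHA-256 digest of each token is kept, so the server never holds
    the secret value the client stores. This is an in-memory example store
    (assumption for the example); a real service would persist it.
    """

    def __init__(self, ttl: float = TOKEN_TTL_SECONDS,
                 clock: Callable[[], float] = time.time) -> None:
        self._records: Dict[bytes, TokenRecord] = {}
        self._ttl = ttl
        self._clock = clock

    @staticmethod
    def _key(token: str) -> bytes:
        return hashlib.sha256(token.encode("utf-8")).digest()

    def issue(self, user: str) -> str:
        """Called once after the user has logged in with the real password.

        Returns a large, sparse (256-bit random, URL-safe) token that the
        client stores instead of the password.
        """
        token = secrets.token_urlsafe(32)
        now = self._clock()
        self._records[self._key(token)] = TokenRecord(
            user=user, issued_at=now, expires_at=now + self._ttl)
        return token

    def authenticate(self, token: str, client_id: str) -> Optional[str]:
        """Return the user name if the token is valid for this client, else None.

        Rules enforced, matching the answer's description:
        * expired tokens are rejected and discarded;
        * a token is bound to the first client that presents it, and a second
          client presenting it invalidates it for everyone.
        """
        key = self._key(token)
        rec = self._records.get(key)
        if rec is None:
            return None
        if self._clock() >= rec.expires_at:
            del self._records[key]  # expired: user must log in by hand again
            return None
        if rec.bound_client is None:
            rec.bound_client = client_id  # first use binds the token
        elif rec.bound_client != client_id:
            del self._records[key]  # simultaneous use from two clients
            return None
        return rec.user

    def active_tokens(self) -> int:
        return len(self._records)


class ClientCredentialStore:
    """What the client keeps on disk (here: in memory) - the token, not the password."""

    def __init__(self) -> None:
        self._token: Optional[str] = None

    def first_login(self, service: TokenService, user: str) -> None:
        # The real password is used exactly once, here, and then discarded.
        self._token = service.issue(user)

    def token(self) -> Optional[str]:
        return self._token


if __name__ == "__main__":
    svc = TokenService()
    store = ClientCredentialStore()
    store.first_login(svc, "alice")
    print(svc.authenticate(store.token(), "laptop"))  # alice
    print(svc.authenticate(store.token(), "phone"))   # None: second client invalidates
```

Whether the second client should invalidate the token or simply be refused is a policy choice; the answer describes invalidation, which is what is implemented here. In a real deployment the token store would be persistent and the client would keep its token in whatever OS-protected storage is available, as the answer's second approach discusses.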
