Signal under fire for storing encryption keys in plaintext on desktop app - eviltoast
  • Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    9
    ·
    4 months ago

    But surely if it was stored encrypted, it would still need a key to unlock that info. Which would be on your PC. And could therefore be used by anything else to unlock your data.

    The only safe way would be encrypt it with a password that only you know, and you’d need to enter before getting back into the software. And there couldn’t be any “I forgot my password” function either. You lose it, the data is gone.