Reputation: 1
How to keep key store keys secure
- Storing key.jks file in flutter app is secure for flutter app release?
- Storing storePassword, keyPassword, keyAlias & storeFile path inside the key.properties file is secure for app release?
my key.properties file:
storePassword=<store_password>
keyPassword=<key_password>
keyAlias=<key_alias>
storeFile=<.jks_file_path>
Upvotes: 0
Views: 172
Answers (2)
Reputation: 121
Yes It is secure hovewer there are few things you can do to make it more secure Hovewer it might be less convenient.
Firstly never publish key.properties file and key.jks file. In case you are using git ensure it's included in .gitignore
For anybody to be able to sign an app with this id they need the private key (key.jks) and both the passwords. This might be a problem if your computer gets compromised.
What you could do is storing the key.jks in a password manager app so that in case your computer gets compromised only the 2 passwords are leaked. You do have to get the key out of the password manager every time you build the release and remove it afterwards though
Upvotes: 0
Reputation: 1
Yes, it's secure. But don't save these files to public repository
Upvotes: 0
Related Questions
- Correct way of storing API Keys in flutter following best practises
- How to store API keys in Flutter
- What is the best way to store api keys on flutter?
- Securely Saving API Keys In Android (flutter) Apps
- How to store AES Private key in flutter project?
- how about to use secure storage to store the user username and password in flutter
- How to protect stored data locally in flutter
- How to store a User id or "key" after login and access from anywhere in Flutter app?
- How to use keys in stateful widgets?
- Storing user data securely in Flutter and Dart