Hi,
I've read up on the FAQ and it claims that the credentials stored under the OpenVPN Connect App are "secure", unless someone has physical access to the device. This seems like a valid claim, however, I'm interested in knowing how this is achieved, under the hood. As far as I know, there are only two methods of storing passwords securely: hashing it and encrypting it. Hashing is an excelent method for storing a password a user will supply and compare it against the stored hash, however, you can't take a hash and turn it into a password easily, unless grave errors were made during this process (bad hashing algorithms, no salt, no pepper, etc). Encryption of the credentials should be the used method here, but I'm at a loss as to how, as I've always been prompted for a "master" password when this method is used. The only way I know around this is with assymetrical key cryptography, but even that will require safe keeping of the private key, as the private key would have to be passwordless.
Am I correct in assuming the latter to be true or is there some other way I'm missing? I've googled around without any luck
Thanks!
Credential storing in OpenVPN connect
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
Alcap
- OpenVpn Newbie
- Posts: 1
- Joined: Tue Feb 18, 2020 11:37 pm