Persisting Sensitive Data
The Credentials Store API allows you to securely store sensitive user data, like passwords, server URLs, etc.
How to use
Use PasswordSafe to work with credentials.
Retrieve stored credentials
String key = null; // e.g. serverURL, accountID
CredentialAttributes credentialAttributes = createCredentialAttributes(key);
Credentials credentials = PasswordSafe.getInstance().get(credentialAttributes);
if (credentials != null) {
String password = credentials.getPasswordAsString();
}
// or get password only
String password = PasswordSafe.getInstance().getPassword(credentialAttributes);
private CredentialAttributes createCredentialAttributes(String key) {
return new CredentialAttributes(CredentialAttributesKt.generateServiceName("MySystem", key));
}
Store credentials
CredentialAttributes credentialAttributes = createCredentialAttributes(serverId); // see previous sample
Credentials credentials = new Credentials(username, password);
PasswordSafe.getInstance().set(credentialAttributes, credentials);
To remove stored credentials, pass null for credentials parameter.
Storage
Default storage format depends on OS.
| OS | Storage |
|---|---|
| Windows | File in KeePass format |
| macOS | Keychain using Security Framework |
| Linux | Secret Service API using libsecret |
Users can override the default behavior in Preferences | Appearance & Behavior | System Settings | Passwords.
Last modified: 19 February 2020