Credentials storage
Tip
This article covers Uno-specific information for Windows.Security.Credentials.PasswordVault API. For a full description of the feature and instructions on using it, consult the UWP documentation: https://docs.microsoft.com/en-us/uwp/api/windows.security.credentials.passwordvault
- The
PasswordVaultis a credentials manager that is persisted using a secured storage. PasswordCredentialis used to manipulate passwords in the vault.
Supported features
| Feature | Windows | Android | iOS | Web (WASM) | macOS | Linux (Skia) | Win 7 (Skia) | Tizen |
|---|---|---|---|---|---|---|---|---|
PasswordVault |
✔ | ✔ | ✔ | ✖ | ✖ | ✖ | ✖ | ✖ |
PasswordCredential |
✔ | Partial | Partial | Partial | Partial | ✖ | ✖ | ✖ |
PasswordVault
The PasswordVault is designed to be a safe place to store the user's credentials and tokens.
It's backed by the hardware encryption mechanism of each platform, which provides a high level of security.
However, the PasswordVault does not offer any memory security feature.
Below see the implementation information for each platform:
The implementation uses the AndroidKeyStore which was introduced with API 18 (4.3).
The KeyStore is used to generate a symmetric key which is then used to encrypt and decrypt a file persisted in the application directory.
The key is managed by the KeyStore itself, which usually uses the hardware component to persist it. The key is not even accessible to the application.
More info: https://developer.android.com/reference/java/security/KeyStore
PasswordCredential
This class is implemented, however it never hides the password like the UWP does.
This means that theRetrievePassword does nothing,
but we recommend to still use it in order to ensure cross-platform compatibility.
The Properties is not implemented.
Sample
Storing a credential
var vault = new Windows.Security.Credentials.PasswordVault();
vault.Add(new Windows.Security.Credentials.PasswordCredential(
"My App", username, password));
Retrieving a credential
var vault = new Windows.Security.Credentials.PasswordVault();
var credential = vault.Retrieve("My App", userName);
credential.RetrievePassword();
var password = loginCredential.Password;