PasswordVault is a credentials manager that is persisted using a secured storage.
More info about its usage can be found here https://docs.microsoft.com/en-us/uwp/api/windows.security.credentials.passwordvault
PasswordVault is designed to be safe place to store user's credentials and tokens.
It's backed by the hardware encryption mechanism of each platform, which provides a high level of security.
PasswordVault does not offer any memory security feature.
The implementation uses the AndroidKeyStore which was introduced with API 18 (4.3).
KeyStore is used to generate a symmetric key which is then used to encrypt and decrypt a file persisted in the application directory.
The key is managed by the
KeyStore itself, which usually uses hardware component to persist it. The key is not even accessible to the application.
PasswordVault is directly stored in the iOS
KeyChain which is the recommended way to store secrets on iOS devices.
It's backed by hardware components which ensure that the data is almost impossible to retrieve if not granted.
This platform was not evaluated.
There is no way to persist a secured data in a Web browser. Even if we generate a key to encrypt it,
there is no safe place to store this key except by relying on server components, which broke the offline support (and Progressive Web App).
So currently we preferred to not implement the
PasswordVault. It will throw a
NotSupportedException when you try to create a new instance.
This class is implemented, however it never hides the password like the UWP does.
This means that the
RetrievePassword does nothing,
but we recommend to still use it in order to ensure cross-platform compatibility.
Properties is not implemented.