Signal under fire for storing encryption keys in plaintext
stackdiary.com
Popular encrypted messaging app Signal is facing criticism over a security issue in its desktop application. Researchers and app users are raising
  • x1gma@lemmy.world
    01·
    2 years ago

    Yes, in your head, and in your second factor, if possible, keeping derived secrets always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.