🐞 Plaintext Password Storage

[5a3b3f96-d11b-4a31-8373-09dd78df3e21]

What happened?

val getTandoorCredentials: Flow<TandoorCredentials?> = obs.getStringFlow(
        KEY_SETTINGS_TANDOOR_CREDENTIALS, "{}"
    ).map { json.maybeDecodeFromString<TandoorCredentials>(it) }

    fun saveTandoorCredentials(credentials: TandoorCredentials?) =
        obs.putString(KEY_SETTINGS_TANDOOR_CREDENTIALS, json.encodeToString(credentials))

This looks a lot to me like password string creds go into files on the OS. I checked in my Android Studio instance and confirmed there only.

App Version

2.0.6

Server Version

No response

Platform(s)

Android

Additional context

Submitted PR #360