Highly sensitive information stored as String/NSString

Access tokens are stored as String

https://github.com/trifork/TIM-iOS/blob/bf529f7953931fa36955b185f4d4a69133619eb8/Sources/TIM/Extensions/JWT%2BExtensions.swift#L7-L8

- make sure that highly sensitive data is overwritten as soon as it is no longer needed
- do not pass such data via immutable data types, such as String and NSString

See [OWASP MAS - Testing Memory for Sensitive Data](https://mas.owasp.org/MASTG/tests/ios/MASVS-STORAGE/MASTG-TEST-0060/)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Highly sensitive information stored as String/NSString #27

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

	/// Type alias for tokens - just a string.
	public typealias JWTString = String

Highly sensitive information stored as String/NSString #27

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions