?
Solved

Mobile App Development - HTML5 LocalStorage versus SessionStorage versus Cookies

Posted on 2011-05-02
3
Medium Priority
?
474 Views
Last Modified: 2013-12-27
Hi,

We are developing a mobile web application on the jQuery Mobile platform that requires a user to provide their username and password.

Rather than asking the user to re-enter their details each time we want to only ask them once for their username and password and then prompt them to enter a pin.

We will encrypt this pin and encrypt a user identifier string and save both either in LocalStorage or Cookie.

When the user visits the application for a second time we will test if a user identifier can be found and if so prompt them to enter a pin.

Once the pin is entered we will securely (SSL) pass the pin and the user identifier to be decrytped and validated on the server.

I've read in a few places that we should use Cookies instead of LocalStorage (from a security point of view). Would you concur with this and can cookies be used across most smart-phones?

We also need to ensure that the user is required to re-enter their pin each time they close the browser or browse to another page or exceed 30 minutes of inactivity.

To manage this I was thinking of storing a value in SessionStorage as I have read that this is more secure than LocalStorage and expires when the browser is closed. Alternatively we could use Cookies again.

Security is a key concern so I'd be intersted to hear any tips and/or alternative approaches you may have.

Many thanks in advance...
0
Comment
Question by:fvillena
2 Comments
 
LVL 48

Accepted Solution

by:
Mikal613 earned 2000 total points
ID: 35512006
HTML 5 is not supported on most platforms so cookies can be the answer for now.
0
 
LVL 16

Expert Comment

by:hjgode
ID: 39626914
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While there are many new features for iOS 11, these are the five that can improve your digital lifestyle.
Creating a Cordova application which allow user to save to/load from his Dropbox account the application database.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses
Course of the Month16 days, 1 hour left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question