secured-async-storage
When
1: when the user logs in
2: When the user changes their secret word
Process This is the process whereby combination of the secret word and salt along with a generated challenge is stored for later use.
When
1: When the salt is generated
2: When the user successfully decrypts local storage using a challenge
Process The system gets the local storaged salt and selects 3 random characters as the challenge, this is inserted into local storage. At this point the previous secured local storage is wiped also, if there is local storage data in memory at this point it is re-encrypted using the newly generated challenge and written to local storage.
When
This occurs when the user brings the app to the foreground and has is logged in.
Process At this point the secured storage either provides the version in memory, if this doesn't exist or a configurable timeframe (20 minutes default) has passed creates a new challenge which is saved to local storage and returns it with a salt.
When When the app receives sensitive data from the API. The in memory storage is updated and the local storage is re-encrypyted with the current generated challenge.