Secure storing a secret on Tizen Web App

Question

Which is the most secure way to secure store a secret on a Tizen Web App?

As far as I know, the only supported API to store something is LocalStorage.

// to store a value
window.localStorage.setItem( 'secret', item_value);

// to retrieve a value
item_value = window.localStorage.getItem( 'secret' );

We already know that in the upcoming SDK wearable 3.0.0 there will be a keychain mechanism already available in mobile SDK.

Waiting for the 3.0.0, is the LocalStorage a "safe" place to store a secret?
Is the LocalStorage inspectable via console or file system (Even without enabling the Debug mode)?

Did you try SharedPreference of Tizen? – Iqbal hossain Oct 31 '17 at 16:20 — Iqbal hossain, Oct 31 '17 at 16:20
How a SharedPreference could be secure? – systempuntoout Nov 03 '17 at 11:55 — systempuntoout, Nov 03 '17 at 11:55

score 1 · Answer 1 · edited May 02 '23 at 08:02

Tizen localStorage is noting but HTML5 Web Storage implementation.

Webstorage API

W3Shools WebStorage

This post on Tizen Developers Forum suggests encryption/decryption.

Anyways, Searching the web you would mostly find 'strict negative' response on storing password/credential, sensitive data using Web localStorage. So, My opinion is also 'not secure' based on:

Can local storage ever be considered secure?

HTML5 localStorage security

Storing Credentials in Local Storage

How secure is localstorage?

You can inspect localStorage data using Web Debbuger: