Android has Secrets
Over at Google Code a new application has shed its covert cover and made its way into the lime light. Secrets For Android is a new way to store and manage sensitive information such as password, social security numbers and, well, secrets. Apart from offering Android users all of the above, the application servers another function too; all of the source code is available on the Apache 2.0 licence, so you can examine the code yourself, or modify it to your needs. Specifically, the source code illustrates how “applications can perform file I/O, use the crypto APIs, and do some simple 3-D view animation”.
When you install and start Secrets for the first time, you are immediately prompted for a master-password. This password is seriously important because it is required to access any of your other secrets. So what happens if you forget your master-password? Naturally, resetting it comes with a cost; you will lose all your secrets! This seems like a good idea on the surface, but the pessimist within me sees this as an easy way for someone to annihilate your secret list rather easily if they get hold of your phone. You have been warned. More information after the jump.
You can store information such as a short name for the secret, a long identification name, the secret itself (such as a PIN number or VISA card number), along with an associated email address and a notes section. At the moment the application does not have a proper icon, or the ability to back-up and synchronise secrets off the phone. However, these features are on the to-do list, along with the ability to remotely delete secrets, lock users out if there are too many failed attempts to log in, and the ability to change the master-password once you have set it (pretty mandatory if you ask us).
Check it out and let us know what you think.