Angular Implementation Of Secure Password Input

Author: tera-insights
Official Page: Go to website
Publish Date: January 15, 2016
License: MIT


Secure implementation of password field. Stores password in a UInt8Array instead of string which can be wiped out securely. Uses key-presses as opposed to input fields.

Using ng-model stores the password string in memory. Clearing the ngModel via myPasswordString=” “; leaves the original entry in raw memory until the garbage collector kicks in (which cannot be invoked manually). So I used a combination of keyboardEvents to edit a Uint8Array and ng-repeats to simulate a full-sized password input field. Using Uint8Arrays allows direct memory access that can be more securely cleared.


Angular Implementation Of Secure Password Input

You Might Be Interested In:


Add Comment