|Go to website
|January 15, 2016
Secure implementation of password field. Stores password in a UInt8Array instead of string which can be wiped out securely. Uses key-presses as opposed to input fields.
Using ng-model stores the password string in memory. Clearing the ngModel via myPasswordString=” “; leaves the original entry in raw memory until the garbage collector kicks in (which cannot be invoked manually). So I used a combination of keyboardEvents to edit a Uint8Array and ng-repeats to simulate a full-sized password input field. Using Uint8Arrays allows direct memory access that can be more securely cleared.