What safe practices can I take to store a password in desktop applications?

2

I intend to make an application with Pyqt5 to issue notifications based on an API that I have. The user, of course, in a first access would have to use the login and password, to access the application. I would like to keep this user authenticated after this "first-time" access, so he does not need to enter the password every time he opens the application.

The problem is that the last time I had the idea of doing so, I was in doubt about how I should store the user's credentials. As I have no experience with desktop applications, I have no idea how to proceed.

In browsers, you usually use cookies to gain information about a session.

But what about desktop applications?

  • Would it be correct to store the user's password in a file, for example, to retrieve it? For example, if my API does not have a token, how would I ever send those credentials to this API, without the user having to intervene with each request?

  • Is there any specific technique in Desktop applications to keep data from a session (even if the application is closed and then opened), just as browsers can do with cookies?

  • In the specific case of Pyqt (or QT), is there any solution for this type of storage?

asked by anonymous 03.08.2018 / 22:03

0 answers