Storing Credentials in Local Storage

The Local Storage is designed for storage that spans multiple windows and lasts beyond the current session. In particular, Web applications may wish to store megabytes of user data, such as entire user-authored documents or a user's mailbox, on the client side for performance reasons.

For storing credentials in local storage, on successful login, generate a completely random string unrelated to user credentials. You need to store this in the database. Do not forget to add an expiry date. Pass that string to the JavaScript to be stored in local storage.

As long as the local storage credential matches the database and the timeout did not expire, consider them logged in.

Therefore, no risk of the user's credentials exposed from local storage.

Rishi Rathor

Published on 06-Apr-2018 07:08:52

• Related Questions & Answers
• Trick to store credentials in local storage
• Thread-local storage (TLS)
• Difference between Session Storage and Local Storage in HTML5
• HTML DOM Local Storage clear() method
• Retrieve element from local storage in JavaScript?
• Android 4.0.1 breaks WebView HTML 5 local storage?
• Checking if a key exists in HTML5 Local Storage
• What is the difference between local storage vs cookies?
• HTML 5 local Storage size limit for sub domains
• How to save cache in local storage of android webview?
• How to save database in local storage of android webview?
• Set the value in local storage and fetch – JavaScript?
• How to store a name permanently using HTML5 Local Storage?
• Storing money amounts in MySQL?
• Storing objects in PHP session