Hello!

First post here! I'm hoping maybe you could help me with a few suggestions. I'm making a login for my client application, but I want to implement a feature to remember the users credentials. This feature would require that the client automatically fill in the users username and password. I could store it in a text file and simply read it when the application launches, but I was hoping maybe there was a better way. This application will primarily run on Windows.

Thanks!

QSettings is designed to hold small pieces of configuration information like this.

With passwords you generally have the added requirement to encrypt the data before storage. Depending on security requirements this encryption could range from none through to full strength encryption (AES for example). You need a reversible encryption to allow recovery of the password for the third-party system (that means embedding some sort of key into your program: a security weakness). There is nothing in Qt that does this part for you.

QSettings is designed to hold small pieces of configuration information like this.

With passwords you generally have the added requirement to encrypt the data before storage. Depending on security requirements this encryption could range from none through to full strength encryption (AES for example). You need a reversible encryption to allow recovery of the password for the third-party system (that means embedding some sort of key into your program: a security weakness). There is nothing in Qt that does this part for you.

Chris,

Thanks for your response. I have implemented it as a QSettings feature and encrypted the password using SimpleCrypt (http://qt-project.org/wiki/Simple_encryption). As the documentation states, it's far from the perfect solution, but it clears up the problem of storing the password in clear text (plus it's stupid easy to implement).

Thanks again!

encrypted the password using SimpleCrypt (http://qt-project.org/wiki/Simple_encryption). As the documentation states, it's far from the perfect solution, but it clears up the problem of storing the password in clear text (plus it's stupid easy to implement).

Instead of that "encryption" you can as well use QByteArray::toBase64(). It provides a similar level of "security" as this SimpleCrypt stuff without claiming to be encryption.