问题描述
我正在使用Flutter + Firebase身份验证通过以下语法使用电子邮件和密码对用户进行身份验证:
I'm using Flutter + firebase auth to authenticate my users with email and password using this syntax:
void signIn({@required String email,@required String pass})
FirebaseAuth.instance.signInWithEmailAndPassword(email: email, password: pass)...
用户名和密码为字符串,纯文本
The username and password are Strings, plain text
我的问题是,我是否需要担心密码安全性?密码字符串是否以加密的方式进入网络?
My question is, do I have to worry about password security? does the password string goes to the network encrypted?
推荐答案
Firebase身份验证客户端与后端服务器之间的所有通信均通过端对端加密的(HTTPS)连接进行.因此,尽管密码在代码中可能以纯文本形式显示,但是任何检查网络流量的人都看不到密码(除非网络已经受到威胁).
All communication between the Firebase Authentication client and the backend servers happens over (HTTPS) connections that are end-to-end encrypted. So while the password may appear as plain text in the code, it cannot be seen by anyone checking the network traffic (unless the network is already compromised).
另请参阅:
这篇关于Flutter Firebase signInWithEmailAndPassword密码学的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!