0

i just get an answer from IM+ (instant messenger client android app) support and they told me that my auto saved ICQ, Googletalk, YM passwords are encrypted using TLS, so i want to ask if i need to worry?

I mean i cant use full disk encrayption on my old android so when i loose mobile what is the chance of someone be able to decrypt/crack the TLS? Or do i understand it badly? Im an amateur.

Anyone already cracked TLS?

16851556
  • 101
  • 1
  • TLS as in Transport Layer Security? Because that only means the password is encrypted when sending it from your phone to the server. That would mean they haven't told how your password is stored on your phone, only that it is sent over a secure line when logging in. – Darsstar Mar 24 '14 at 14:33

3 Answers3

1

No, don't worry. The latest version of TLS is not cracked and your passwords sent using it will be safe.

But the TLS is not related to Full Disk Encryption (FDE), FDE is only applicable to data at rest (when your phone is off), whereas TLS is used to handle data during communication. So if you have stored your passwords in your phone in some text file or database etc., then TLS won't help you. But if you enter your passwords in IM from your brain, then you are protected by TLS and will be ok :)

xkcd
  • 771
  • 4
  • 10
0

TLS(Transport Layer Security) or also known as SSL(Secure Socket Layer) is used to encrypt and securely send data from one machine to the other without the danger of a MiTM attack and it cannot be used to decrypt data locally.

More info on SSL/TLS: How does SSL/TLS work?

user36976
  • 3,233
  • 4
  • 15
  • 22
0

They must not have understood what you are asking. TLS doesn't protect local encrypted passwords. TLS protects your password when it is sent to a server. If you don't have to enter a password when accessing your client, then someone else with access to your phone wouldn't need a password to get at your accounts either.

AJ Henderson
  • 41,896
  • 5
  • 63
  • 110