Synopsis

The file /data/data/info.varden.hauk/shared_prefs/connectionPrefs.xml is where the Hauk app stores connection details, however this file currently just writes whatever connection information is provided to the app into plaintext. The connection details, particularly username/password, should be stored via the android keystore provider if it is available on the system, so that connection details are private to the Hauk app.

Expected Behavior

The credentials entered into the application are not in plaintext in the data files.

Actual Behavior

Connection user/password are stored in plaintext in the previously mentioned file.

System Details

Device: ONEPLUS A3000
OS: LineageOS v14.1 (Android 7.1.2)