Password stored as plain text in the "accounts.db" file

AutoImport-utack

In the database found under “/data/system/users/0/accounts.db” the owncloud password is stored as plain text.
This means anyone with root access on the phone, probablly including closed source apps that need root, can aquire the password.
This might lead to the discussion that a rooted phone is always a risk, however it would still be nice to add an additional layer of security here.

rfc2822

Thanks for your suggestion, but this is intended Android design. DAVdroid uses the Android account management and password methods. Additional security would have to be implemented in this API.

Password stored as plain text in the "accounts.db" file

Maybe you're interested in these topics?

Backup and restore configured profiles?
Ideas, future talk, development • enhancement • • kr428

Different colors for multiple calendars
DAVx⁵ • enhancement • • rfc2822

HTTP Public Key Pinning (HPKP) support
Transport-level security • enhancement • • rugk

SMIME Certs in Contacts
DAVx⁵ • enhancement • • AutoImport-ddblack

Add reminders to calendars
ICSx⁵ • enhancement • • lucasocio

Password stored as plain text in the "accounts.db" file

Maybe you're interested in these topics?

Backup and restore configured profiles? Ideas, future talk, development • enhancement • • kr428

Different colors for multiple calendars DAVx⁵ • enhancement • • rfc2822

HTTP Public Key Pinning (HPKP) support Transport-level security • enhancement • • rugk

SMIME Certs in Contacts DAVx⁵ • enhancement • • AutoImport-ddblack

Add reminders to calendars ICSx⁵ • enhancement • • lucasocio

Backup and restore configured profiles?
Ideas, future talk, development • enhancement • • kr428

Different colors for multiple calendars
DAVx⁵ • enhancement • • rfc2822

HTTP Public Key Pinning (HPKP) support
Transport-level security • enhancement • • rugk

SMIME Certs in Contacts
DAVx⁵ • enhancement • • AutoImport-ddblack

Add reminders to calendars
ICSx⁵ • enhancement • • lucasocio