I am not familiar with the coding that has been used to create this project. I was trying to read through it to determine if the username and password were being passed to the authenticator encrypted or in the clear. I was not able to spot a smoking gun... can anyone more familiar with the syntax tell me if they are able to spot something that lets them know how secure the authentication process is for this app? Also, is there a point at which the app overwrites the memory variables once it has completed its processing or are they left provisioned and potentially recoverable by malware?
Thanks,
Tom