Tuesday, July 31, 2012

Re: [android-developers] Re: Use of weak password to protect Android keystore

On Tue, Jul 31, 2012 at 11:38 PM, howa <howachen@gmail.com> wrote:
> But suppose they don't have the login into my Android Developer Console, I
> don't need to worry?

It doesn't matter. They can load you app with malware, put it on some 'sharing'
site and it will look like it came from you. It will even update
cleanly on top of
your own app.


* put a good password on your keystore
* put your keystore in a safe :)
* put a copy in another safe, not in the same building

And you should be relatively safe :)

You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
For more options, visit this group at

No comments:

Post a Comment