From 9d4956c202f9f5fcdfa2cbc10c5c6bd503c43e61 Mon Sep 17 00:00:00 2001 From: Celsius Date: Tue, 21 Jul 2020 18:56:14 +0200 Subject: [PATCH] Update security.md I feel like the word "memory" in this context is confusing, as most people do understand memory to be non-persistent. --- docs/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/security.md b/docs/security.md index f38a14708e0..576e357c0f0 100644 --- a/docs/security.md +++ b/docs/security.md @@ -17,7 +17,7 @@ If you must have an API key or a secret to access some resource from your app, t **For persisted user data, choose the right type of storage based on its sensitivity.** As your app is used, you’ll often find the need to save data on the device, whether to support your app being used offline, cut down on network requests or save your user’s access token between sessions so they wouldn’t have to re-authenticate each time they use the app. -> **Persisted vs unpersisted** — persisted data is written to the device’s memory, which lets the data be read by your app across application launches without having to do another network request to fetch it or asking the user to re-enter it. But this also can make that data more vulnerable to being accessed by attackers. Unpersisted data is never written to memory—so there's no data to access! +> **Persisted vs unpersisted** — persisted data is written to the device’s disk, which lets the data be read by your app across application launches without having to do another network request to fetch it or asking the user to re-enter it. But this also can make that data more vulnerable to being accessed by attackers. Unpersisted data is never written to disk—so there's no data to access! ### Async Storage