In my app, I have to store user’s account password. As far as I understand, there is no other alternatives, but to use local storage. I’ve done some research and it seems that local storage is not completely secure yet.
I guess, I could encrypt the password, but where would I store the encryption key?
Besides that, are there any other security best practices? Besides the obvious “send everything over HTTPS” one.