Comment Re:Storing cloud passwords in the cloud? (Score 3, Interesting) 114
The problem is that there is an conflict between a password suitable enough for protection (i.e. 20+ characters), and something quick enough to access in a short time.
mSecure addresses this in an interesting way -- they cache the extra long sync password used for the cloud. The password that is used to encrypt the synchronized database that sits in iCloud or DropBox is different from the app's passphrase. Since most phones have decent innate protection, it is not impossible, but very difficult to dump the data on a locked device [1], so one can have a fairly easy to type in PIN on the device, but the synchronized backend file is protected with a much longer (and more secure) passphrase.
[1]: iOS on the iPhone 4 and up always encrypts. Android since 3.x has the option of using md-crypt and encrypting the