[Feature request] Encrypt secret key on local storage

Open gelavat opened this issue 4 years ago • 3 comments

It is not clear to me if the secret keys are encrypted on the device local storage and decrypted when the app starts. Can you please state on this?

If not done, I strongly suggest that all TOTP secret keys are encrypted, even without entering a password or checking 'authentication required' (like Signal Messenger does for example). This way, no hacker is able to read the configuration file and retrieve the secret keys. I think it is very important for a security app.

I put this separately from issue #128 because that one is done for exports encryption which is something else, although still important.

gelavat avatar Jan 14 '22 13:01 gelavat

Android isolates app's private storage, so no app can see other apps' files. Except in case there is root access ofc, but it's generally impossible to protect something from root. Also, Android has OS-level disk encryption (force enabled by default in modern versions).

I think there is no need to encrypt already encrypted and strongly isolated app's private storage

mo-rijndael avatar Oct 08 '22 18:10 mo-rijndael

Agreed that app storage is more or less secure for a reputable device manufacturer. I think at least the exported token should be encrypted since those are in shared storage.

helloworld1 avatar Oct 08 '22 18:10 helloworld1