Jump to content


Photo

OpenVPN for Android - My Credentials?

OpenVPN Android Certificate Keys

  • Please log in to reply
2 replies to this topic

#1 Drunk_Uncle

Drunk_Uncle

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 09 July 2017 - 12:05 PM

I just installed OpenVPN for Android on my phone today. After some phone buggy-ness and fiddling, I got it all working. Cool.

 

But I noticed that when connecting to AirVPN, I was never asked for my login+pw. Hmmm...

 

Ok, I now figure the .ovpn files I generated and imported have some keys/certificates embedded that authenticate me personally as the user who needs to login/connect to AirVPN.

 

If that's true, and if my phone is stolen, how can I invalidate those credentials of mine so the thief can't login to AirVPN as me?

 

Will a simple password change on the AirVPN website do the trick?

 

(Thanks, everyone.)



#2 zhang888

zhang888

    Donald Trump of IT/Security

  • Moderators
  • 2225 posts

Posted 09 July 2017 - 12:24 PM

A better approach would be preventing unauthorized access to your sensitive data in the first place, by using disk encryption.

Android supports it in all recent versions. To revoke a lost certificate, you can submit a ticket.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.


#3 Drunk_Uncle

Drunk_Uncle

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 09 July 2017 - 09:59 PM

Ok, thank you for the info (and quick reply), zhang888. Appreciated.







Similar Topics Collapse


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Servers online. Online Sessions: 15579 - BW: 56597 Mbit/sYour IP: 54.82.99.169Guest Access.