Android Studio where is Master Password stored?

Question

When you generate a APK in Android Studio you can secure the generation with a Master Password. Where in the filesystem is this password stored? I'm hoping I'm not committing this file in my project, i.e. and uploading it to Github:-)

Answer 1

The master password isn't actually stored, but it's used to encrypt the master password file, which lives in the security.xml file with your Android Studio preferences. That file contains encrypted versions of your keystore and key passwords if you check the "Remember Passwords" checkbox in the Generate Signed APK wizard; if you don't tell it to remember passwords, nothing is stored.

Where that file lives depends on your platform, but in general on Windows it will be in <User home>\.AndroidStudioPreview\config\security.xml, ~/Library/Preferences/AndroidStudioPreview/options/security.xml on MacOS, and ~/.AndroidStudioPreview/config/security.xml on Linux. See http://www.jetbrains.com/idea/webhelp/project-and-ide-settings.html for more information on where preferences are stored for IntelliJ; it's essentially the same for Android Studio.

You can find a little more information on the file in a SO question about trying to decrypt the file contents if the master password is known: Intellij IDEA - view saved password

Answer 2

For Android Studio version 1.0.2 on windows 7, the security.xml is located at .AndroidStudio\config\options\security.xml

Answer 3

In my linux system this is where the security.xml file is located::

~/.AndroidStudio2.2/config/options/security.xml

Master passwords are encrypted (AES) and saved in security.xml file. It's location could change based on system and the version of android studio that you are using. You can run the following command in command shell.

locate security.xml