Many Kodi add-ons store user name and passwords in their add-on settings. However, almost nobody seems to care about the fact that these are stored in plain text in the settings.xml in the user_data folder. Many users do not secure their Kodi boxes as well as their own PC or laptops, hence there is a higher risk of somebody obtaining that specific information.

With Retrospect 4.1.2 a new feature called the Vault was added. This feature enables storing sensitive data in a more secure way. How does this work:

  1. The users selects a Vault PIN that is used as the main code for accessing the Vault data. This PIN can be rather simple and short and easy to remember.
  2. That PIN is then used to generate a much more complex password (let’s call it a PINWord) using Scrypt. The short explanation of Scrypt is that it can be used to convert a rather simple password into a much more complex one. That conversion is slow by design to prevent brute force attacks (for more details see https://en.wikipedia.org/wiki/Scrypt).
  3. That new PINWord is used to Encrypt/Decrypt the actual strong 32 char (256 bits) Vault Key. This Vault Key is randomly generated once for each Retrospect instance.
  4. The Vault Key is the actual key that is used to encrypt the data in the Vault. This is done using 256 bits AES (See https://en.wikipedia.org/wiki/Advanced_Encryption_Standard)

Now I am not claiming that this is perfect, but it is a lot safer than just storing it plain text in the settings.xml.

Setting up a new Vault

Before a Vault can be used, the user is asked to set a PIN and confirm that PIN. A PIN can be numerical, but can also include alpha characters. With that PIN, a new PINWord is generated and that is used to encrypt a newly generated Vault Key.

Access data in the Vault

In order to access (either store or retrieve) data from the Vault, the user is prompted for his/her PIN. Retrospect uses that PIN and the Scrypt algorithm to generate the PINWord and decrypts the Vault Key. That Vault Key is then used to either encrypt or decrypt the data using AES.

Resetting the Vault

If an user forget the PIN, there is no way of recovering the data. The only solution is to reset the Vault and pick a new PIN and generate a new Vault Key.