问题
Following Udinic's blog shows us how to create our own authenticator and manage our own accounts.
The problem is that if two applications try to manage the same account type, only the account authenticator of the first application will be used (and only the first application can access certain methods of the AccountManager).
However, if the first application is uninstalled, then the second application's account authenticator takes its place and the second application has full access to the account.
How can I prevent that - given my application gets uninstalled - no other malicious (already installed) app can 'take over' the accounts created by my application and thus read out my user's passwords or other private data?
I checked apps like facebook or viber, they seem to automatically remove the account if the app is uninstalled. How can they do that?
(Please don't respond with 'you should not store the password' - That is not the question here)
来源:https://stackoverflow.com/questions/28239003/android-how-to-protect-or-delete-an-account-when-application-is-uninstalled