Menu
It seems TextEditingController keeps all plain input text including password in the memory.
I have tried many things so far
controller.dispose()nullcontroller.text by using the FFIThe problem is that the input logs(plain text json format) remain in the memory.
https://github.com/flutter/flutter/issues/84708
This is a critical issue for me.
Please let me know how to zero out the password in the memory.
Thank you.
344
asked Sep 20 '25 00:09
You cannot effectively zero memory in Dart. Memory in Dart is managed by the garbage collector, so you cannot control the lifetime of memory allocations nor prevent memory from being copied or moved. Furthermore, Dart Strings are immutable.
One way to mitigate it would be to use dart:ffi and to have all operations involving passwords go through, say, a C or C++ library where memory is not managed by the GC, but that still wouldn't completely help if you use Dart code to get the password from the user in the first place.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
