Reputation: 89
Password protect a preference in Android
Is it possible to password-protect some of the preferences?
More info: I have a user password preference (EditTextPreference), using this preference the user can change his/her password. To make it more secure one should protect such a preference with the user password. Is that possible using preference fragment in android?
Upvotes: 1
Views: 688
Answers (1)
Reputation: 1868
You could encrypt the password using one of the built-in ciphers (javax.crypto) then encode the result in something like base64 (android.util.base64) which you can then store in the preferences as a string. It is probably better to never store the password if possible. Perhaps use a strong non-reversible hash code (again you can probably use javax.crypto) and store the hashcode. When the user enters the password, you hash it and compare against the stored hashcode. If someone gets the hashcode out of the shared prefs, it is quite difficult to obtain the original password from it, and if the hashcode is strong enough it may be non-trivial to come up with a password that produces the same hash.
In reality, if someone gets hold of your application, there is always a weakness if someone really wants to get in. As my father used to say .. "Locks keep honest people out"
Upvotes: 1
Related Questions
- How to Secure Android Shared Preferences?
- Shared Preferences in Android?
- Android -- Storing data on shared preferences
- How to update shared preference string (password) in android
- How to prevent SharedPreferences from being changed
- Using SharedPreferences to store user password
- Android SharedPreferences Password
- hide or block access to the Shared Preferences file in Android
- using sharedpreferences for password - android
- storing password using shared preference in android