Reputation: 223
Proper way to store username and password in iOS application
What is the best way to store confidential data like usernames, passwords, etc in an iOS application?
Upvotes: 1
Views: 269
Answers (3)
Reputation: 1877
The proper way: Don't. The mobile phone is a very unsecure place to store information. If the security is #1 for you, you should not store sensitive information on the device.
You can use the default iOS security options, for example Keychain with CommonCrypto, or openssl, but your data never will be completely safe without a secure server component.
Keychain has it's very bad quality: It is as secure as the device's passcode.
Upvotes: 0
Reputation: 13458
Apple provides the keychain for storing sensitive information.
You should not use NSUserDefaults or CoreData unless you have provided some means of encrypting the content, and even so, you'll still need to manage and store encryption keys securely. The keychain provides all of this for you, and with iOS 8 you can now flag keychain items to require presence of a device passcode if desired.
Upvotes: 2
Related Questions
- iOS: How to store username/password within an app?
- Xcode: Store Username and Password
- What is the best way to maintain the login credentials in iOS?
- NSUserDefaults or keychain is better to save username and password in iPhone app
- iOS app, place to save user id and password
- Where to store the credentials on iPhone (username or userId)?
- Storing passwords in iPhone applications
- iPhone: Where to store username and password credentials?
- Best way to store login information in iDevices?
- What is the best practice to store username and password on the iPhone?