6:[["$","$Le",null,{}],["$","div",null,{"className":"min-h-screen bg-gray-100 p-6","children":[["$","$Lf",null,{}],["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"Keychain data security in jailbroken device\",\"text\":\"

Storing sensitive data in keychain is a best practice in iOS. But using a jailbroken device an attacker can dump all the keychain data. (keychain-dumper)

\\n\\n

Can anyone help me understand how to protect the data in a keychain, in case of a jailbroken device.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"Shree Harsha S\"},\"upvoteCount\":1,\"answerCount\":2,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"

It's not possible. If the device is jailbroken all data can be easily accessed.

\\n\",\"author\":{\"@type\":\"Person\",\"name\":\"orkoden\"},\"upvoteCount\":4}}}"}}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mb-6 relative","children":[["$","div",null,{"className":"absolute top-4 right-4 flex flex-wrap space-x-2","children":[["$","span","ios",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/ios/1","children":"ios"}]}],["$","span","keychain",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/keychain/1","children":"keychain"}]}],["$","span","jailbreak",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/jailbreak/1","children":"jailbreak"}]}],["$","span","data-security",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/data-security/1","children":"data-security"}]}],["$","span","application-security",{"className":"bg-blue-600 text-white text-sm px-3 py-1 rounded-full","children":["$","$L10",null,{"href":"/discussion/tag/application-security/1","children":"application-security"}]}]]}],["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://lh6.googleusercontent.com/-RxyDqxO4IgU/AAAAAAAAAAI/AAAAAAAAAFw/sfH_u0x2LDA/photo.jpg?sz=256","alt":"Shree Harsha S","className":"w-16 h-16 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/4268403/shree-harsha-s","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Shree Harsha S"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",685]}]]}]]}],["$","h1",null,{"className":"text-2xl font-bold text-gray-800 mb-4","children":"Keychain data security in jailbroken device"}],["$","p",null,{"className":"text-gray-700 mt-4","dangerouslySetInnerHTML":{"__html":"

Storing sensitive data in keychain is a best practice in iOS. But using a jailbroken device an attacker can dump all the keychain data. (keychain-dumper)

\n\n

Can anyone help me understand how to protect the data in a keychain, in case of a jailbroken device.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm mt-4","children":[["$","p",null,{"children":["Upvotes: ",1]}],["$","p",null,{"children":["Views: ",6126]}]]}]]}],["$","div",null,{"className":"container mx-auto","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-6","children":["Answers (",2,")"]}],[["$","div","53697751",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://www.gravatar.com/avatar/61398b00087ae1cc051fe399108b1e1e?s=256&d=identicon&r=PG&f=y&so-version=2","alt":"Unknown","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/205741/unknown","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"Unknown"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",111]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

You can implement your own custom encryption on top of Keychain to enhance security. For example, encrypt passwords with a magic method before storing them in Keychain. (Then try to obfuscate that method to minimize chances of reverse-engineering it.)

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",0]}]}]]}],["$","div","34590250",{"className":"bg-white shadow-md rounded-lg p-6 mb-6","children":[["$","div",null,{"className":"flex items-center mb-4","children":[["$","img",null,{"src":"https://i.sstatic.net/i0nyZ.jpg?s=256","alt":"orkoden","className":"w-12 h-12 rounded-full border"}],["$","div",null,{"className":"ml-4","children":[["$","a",null,{"href":"https://stackoverflow.com/users/1329214/orkoden","target":"_blank","rel":"noopener noreferrer","className":"text-lg font-semibold text-blue-600 hover:underline","children":"orkoden"}],["$","p",null,{"className":"text-sm text-gray-500","children":["Reputation: ",19996]}]]}]]}],["$","p",null,{"className":"text-gray-700 mb-4","dangerouslySetInnerHTML":{"__html":"

It's not possible. If the device is jailbroken all data can be easily accessed.

\n"}}],["$","div",null,{"className":"text-gray-600 text-sm","children":["$","p",null,{"children":["Upvotes: ",4]}]}]]}]]]}],["$","div",null,{"className":"bg-white shadow-md rounded-lg p-6 mt-6","children":[["$","h2",null,{"className":"text-2xl font-semibold text-gray-800 mb-4","children":"Related Questions"}],["$","ul",null,{"className":"list-disc list-inside","children":[["$","li","5210535",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/5210535","className":"text-blue-600 hover:underline","children":"Passing data between view controllers"}]}],["$","li","9038625",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/9038625","className":"text-blue-600 hover:underline","children":"Detect if device is iOS"}]}],["$","li","31254725",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/31254725","className":"text-blue-600 hover:underline","children":"Transport security has blocked a cleartext HTTP"}]}],["$","li","12622424",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/12622424","className":"text-blue-600 hover:underline","children":"How do I animate constraint changes?"}]}],["$","li","24333981",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/24333981","className":"text-blue-600 hover:underline","children":"iOS app with framework crashed on device, dyld: Library not loaded, Xcode 6 Beta"}]}],["$","li","4747404",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/4747404","className":"text-blue-600 hover:underline","children":"Delete keychain items when an app is uninstalled"}]}],["$","li","68555274",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/68555274","className":"text-blue-600 hover:underline","children":"Why does Apple recommend to store passwords, secrets, and keys in iOS Keychain when apps are sandboxed?"}]}],["$","li","16336449",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/16336449","className":"text-blue-600 hover:underline","children":"Reset keychain on the device"}]}],["$","li","16299860",{"className":"mb-2","children":["$","$L10",null,{"href":"/discussion/solution/16299860","className":"text-blue-600 hover:underline","children":"Increase iOS App Security With Keychain"}]}]]}]]}]]}],["$","$L11",null,{}],["$","$L12",null,{}],["$","$L13",null,{}],["$","$L14",null,{}],["$","$L15",null,{}]]

Keychain data security in jailbroken device

Answers (2)

Related Questions