CODEWITHSUNDEEP
javaandroidemail
Spotik
Spotik

Reputation: 105

How to store password in app

I'm using a lib to send mails in my app through my own email account. The thing is, I need to put the encrypted email in my class, and I think its too easy to reverse this and have access to my email. So, where is the best best to keep my password safe in my app? I don't have access to store nothing in a server.

The library I'm using: https://github.com/yesidlazaro/GmailBackground

Upvotes: 2

Views: 583

Answers (3)

TapanHP
TapanHP

Reputation: 6191

see @Kushan's answer for how to encrypt it..

You can store it inside a SharedPreferences safely and whenever needed you can always get it back but a good approach is to store it at servers only as another answer's comments suggested that SharedPreferences are not safe when phone is rooted:

SharedPreferences sharedPref = getActivity().getPreferences(Context.MODE_PRIVATE); 

SharedPreferences.Editor editor = sharedPref.edit();
editor.putString("password", ""); //put when you got your password here.....
editor.commit();

get it back when needed by:

SharedPreferences sharedPref = getActivity().getPreferences(Context.MODE_PRIVATE);
String password = sharedPref.getString("password", "noPass");

Upvotes: 2

Mohammed Elrashied
Mohammed Elrashied

Reputation: 332

SecurePerferecne used to store password and sensitive information here is how data stored :

<map>
<int name="timeout" value="500" />
<boolean name="is_logged_in" value="true" />
</map>

encrypted data:

   <map>
    <string name="TuwbBU0IrAyL9znGBJ87uEi7pW0FwYwX8SZiiKnD2VZ7">
        pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=rroijgeWEGRDFSS/hg
    </string>
    <string name="8lqCQqn73Uo84Rj">k73tlfVNYsPshll19ztma7U">
        pD2UhS2K2MNjWm8KzpFrag==:MWm7NgaEhvaxAvA9wASUl0HUHCVBWkn3c2T1WoSAE/g=:jWm8KzUl0HUHCVBWkn3c2T1WoSAE/g=
    </string>
</map>

You can define a separate file for encrypted preferences.

SharedPreferences prefs = new SecurePreferences(context, null, "my_custom_prefs.xml");

store User password :

SharedPreferences prefs = new SecurePreferences(context, "userpassword", "my_user_prefs.xml");

more here

Upvotes: 2

Kushan
Kushan

Reputation: 5984

If you want Encryption, you can look into MessageDigest. They provide robust hashing functionality to encrypt your passwords.

https://developer.android.com/reference/java/security/MessageDigest.html

Store your password or email after hashing inside a persistent SharedPreferences as the other answers point out.

https://developer.android.com/reference/android/content/SharedPreferences.html

Upvotes: 3

Related Questions