mamcx

Reputation: 16186

Best way to manage password that must be stored on sqlite iPhone App

I have an iPhone app that must work offline, and it needs to be usable by several users on the same device.

I now store the password inside the SQLite database. It must be there... because the database is in sync with another one on a normal SQL server box.

So, I read the staff usernames & passwords from the master db and send that info back to the iPhone db. When a user logs into it, the app reads from the local db. The user works offline, then eventually syncs again against the master db.

Upvotes: 0

Views: 200

Answers (1)

ChrisLively

Reputation: 88072

I'm not exactly sure what your question is...

If it's "how can I keep people from stealing data stored on a device" then the answer is: you can't. If it is stored on a device then anyone with direct physical access can pull any stored secrets.

In particular, if your code is on the device, then a hacker can pull any encryption keys or other embedded resources (including the database) off of it.

So, if you're trying to prevent that just know that you can't. If the material is of a sensitive enough nature then I'd say abandon the "disconnected" model entirely.

If it isn't that sensitive and you are just trying to keep someone from poking around, then just do what we normally do: encrypt the database and store the key in your app.


Going a little bit further, if you are trying to prevent a stolen phone from being compromised then your only choice is to have remote wipe enabled. However, even that can only save you if the lost phone is reported quickly AND the person who stole it doesn't know how to yank the SIM card to stop it.


At the end of the day, BlackBerry still blows Apple away in security.


UPDATE: my comment was going to be too long.

@mamcx: I don't think you're quite understanding the scope of the problem you have. ANY data on the device can be compromised, including passwords stored in the keychain. It's really not that hard on the iPhone.

Let's say you hash the password with a salt and store that in your local SQLite db. Now, when a disconnected user types in their username and password, your code will have to hash what they typed, add the salt, and compare it against a value in the local db.

ALL of the information necessary to do this is stored on the device due to the disconnected nature of it. This includes the hashing algorithm and the salt.

Now, let's say the device is stolen OR an internal employee decides to wear a black hat. Pulling all of the data is simple. This can be done in a non-destructive way and the device could be put back without anyone knowing it was missing. At this point the hacker has as long as they want to create the rainbow tables to crack the passwords. Heck, there are "companies" that will rent time on various clouds to build the rainbow tables for you.

Of course, the passwords themselves aren't that necessary, unless the hacker wants to resell them, because all of your data is already lost.

So, the question is: how important is the data? If you can't lose it, don't allow the app to run disconnected. If it's not that important, then by all means do it locally. Just let the users know that they shouldn't use a username / password they are using elsewhere.

Upvotes: 2
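
As an added example (not code from the question or the answer, and written in Python rather than as iOS code), here is the salted-hash scheme the answer's update describes, with the master side sending the device a salted PBKDF2 verifier instead of the password itself. The `staff` table, the function names and the iteration count are assumptions; as the answer points out, everything needed to check a guess still sits in the local file, so the work factor only raises the cost of each offline guess.

```python
import hashlib
import hmac
import os
import sqlite3

ITERATIONS = 600_000  # assumed work factor; tune to the slowest supported device


def derive(password: str, salt: bytes, iterations: int) -> bytes:
    """Slow, salted hash of the password (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def open_local_db(path: str = ":memory:") -> sqlite3.Connection:
    """Create the hypothetical on-device table; it has no plaintext column."""
    db = sqlite3.connect(path)
    db.execute(
        "CREATE TABLE IF NOT EXISTS staff ("
        "username TEXT PRIMARY KEY, salt BLOB NOT NULL, "
        "iterations INTEGER NOT NULL, verifier BLOB NOT NULL)"
    )
    return db


def make_sync_row(username: str, password: str, iterations: int = ITERATIONS):
    """Runs on the master side: only this row is sent to the device."""
    salt = os.urandom(16)  # unique random salt per user
    return (username, salt, iterations, derive(password, salt, iterations))


def store_row(db: sqlite3.Connection, row) -> None:
    """Runs on the device during sync: insert or refresh one staff row."""
    db.execute("INSERT OR REPLACE INTO staff VALUES (?, ?, ?, ?)", row)
    db.commit()


def offline_login(db: sqlite3.Connection, username: str, attempt: str) -> bool:
    """Re-derive from the typed password and compare in constant time."""
    row = db.execute(
        "SELECT salt, iterations, verifier FROM staff WHERE username = ?",
        (username,),
    ).fetchone()
    if row is None:
        return False
    salt, iterations, verifier = row
    return hmac.compare_digest(derive(attempt, salt, iterations), verifier)
```
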
