Re: CoreData: Save password securly
Re: CoreData: Save password securly
- Subject: Re: CoreData: Save password securly
- From: Nicko van Someren <email@hidden>
- Date: Sat, 9 Feb 2008 08:05:35 +0000
- Resent-date: Sat, 9 Feb 2008 08:31:32 +0000
- Resent-from: Nicko van Someren <email@hidden>
- Resent-message-id: <email@hidden>
- Resent-to: Apple Cocoa-Dev Mailing List <email@hidden>
On 9 Feb 2008, at 07:23, Adam Gerson wrote:
Is there a way to save a password value into a core data store so
that its secure from anyone who might go snooping around in the
store file?
Can you give us some more context? In particular, whom do you want to
allow to get the password back and from whom do you want to hide it?
Also, do you have just one password to keep or a whole stack of them?
In general terms, you can't safely put a secret in a file that can be
read by your 'attacker' without using another secret to protect it.
If you have just one password, for use by one user, then you should
probably simply not put it in the CoreData store but should put it on
the Key Chain instead. If you have a large bunch of passwords which
you want to keep safely in a CoreData store then your best bet is
going to be to encrypt them under a key which you in turn put on the
Key Chain. Either way you can't put all the secret information in a
public place and expect it to remain safe.
Cheers,
Nicko
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden