Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Storing a password (iPhone)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Storing a password (iPhone)

Subject: Re: Storing a password (iPhone)
From: Greg Parker <email@hidden>
Date: Mon, 4 May 2009 11:17:56 -0700

On May 1, 2009, at 4:58 AM, Jelle De Laender wrote:

What is the best way to store a password on the iPhone? I can't take the MD5 hash because I need to be able to work with the original password.

Should I create a custom class (with 2 strings) and save them with NSKeyedArchiver with the idea: nobody will read the files (it's impossible: except when you JailBreak) or what should you do? Maybe I can simply use the NSUserDefaults?

Use the Keychain. The Keychain is intended to have better security properties than anything you could build yourself.

The "Keychain Services Programming Guide" contains examples for saving and retrieving a password on iPhone.

In particular, a simple "save it in a file" solution is insecure if the file is included in an iPhone backup and the attacker gets a copy of the backup data. The Keychain is included in backup, but its data is encrypted and can only be decrypted with a key that never leaves the device.


--
Greg Parker     email@hidden     Runtime Wrangler


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



References:  
  >Storing a password (iPhone) (From: Jelle De Laender <email@hidden>)




Prev by Date:
Re: Cocoa Drawing

Next by Date:
Re: ObjectAlloc and objects that should have been released

Previous by thread:
Storing a password (iPhone)

Next by thread:
Re: Storing a password (iPhone)

Index(es):

Date
Thread