Save username with NSUserDefault, how and how safe?

Question

Save username with NSUserDefault, how and how safe?

I would save a couple of values (username / password) using NSUserDefault.

First: is there a way to store them together (e.g. in an array)? Second: is it safe? or did I somehow encrypt the password?

+4

ios passwords objective-c username nsuserdefaults

Sefran2 Mar 6 '11 at 12:58

source share

4 answers

No. It is not safe.

If you need to store data securely, use keychain .

+8

Jeremyp Mar 6 '11 at 13:21

source share

you can use NSDictionary or NSarray to store your values, and you must also encrypt your data, since NSUserDefaults works like a plist that anyone can access

+1

Jonloo Mar 6 '11 at 13:01

source share

This file is easy to use, works with ARC

+1

thanhbinh84 Mar 11 '14 at 8:51

source share

Ferruccio · Accepted Answer · 2011-03-06T13:16:05+0000

Encryption will give you some security. The problem is that your program will also need to decrypt the password, which means that the key must be stored in it. This will make it vulnerable to reverse engineering. It is best to use a one-way function (such as a hash) in a password and store this value of the hash function. When the user enters the password, you then apply the one-way function to the password and compare the result with the stored value. Thus, the password cannot be cracked (well, there is always a dictionary attack, but it depends on the strength of the password).

Instead of using NSUserDefaults, you would be better off using iOS Keychain Services . The main goal is the safe storage of user credentials. Apple has already done all the hard work for you. Use it.

Save username with NSUserDefault, how and how safe?

More articles: