1

Developing an application which will have multiple users using the same device and have offline capability. Found keychain wrapper .But The real problem is how to manage multiple user passwords in keychain?I have a sqlite DB for storing all the logged in username.What is the best way to manage the password?And how?

Lithu T.V
  • 19,955
  • 12
  • 56
  • 101
  • know that the keychain isn't completely secure. If the device is jailbroken, then someone can get access to the keychain in plaintext. If you are going to use the keychain, you should implement jailbreak detection as well. – SpyMachine Jun 12 '13 at 16:00

3 Answers3

0

You can store the passwords in keychain.

Create a dictionary which contains username as keys and passwords as values. You can store this dictionary to keychain item to store all passwords safely.

Amit
  • 1,043
  • 1
  • 10
  • 32
0

You can use the wrapper SFHFKeychainUtils, and store different passwords for different services.

You save the user in NSUserDefaults for each service, and then store and pull the password using the serviceName parameter. 

     [SFHFKeychainUtils storeUsername:name andPassword:secret forServiceName:serviceName updateExisting:YES error:&error];
gillyD
  • 707
  • 5
  • 14
0

Take a look at this open-source project on github SSKeyChain Works very similar that wrapper but also provides access to accounts, getting passwords, setting passwords, and deleting passwords.

Inset password to Keychain:

NSError *error;
[SSKeychain setPassword:@"password"
             forService:@"example_name"
                account:@"account1"
                  error:&error];

In your situation i would change the account variable for your second password.

To retrieve passwords: 

  NSError *error;
  NSLog(@"password1 is %@", [SSKeychain passwordForService:@"example_name" account:@"account1" error:&error]);
  NSLog(@"password2 is %@", [SSKeychain passwordForService:@"example_name" account:@"account2" error:&error]);
Shams Ahmed
  • 4,498
  • 4
  • 21
  • 27
  • That would be that easy approach if you wanted a Obj-c class and don't wanna go into c api, however if you decide you want to go into c api route or even modify SSKeyChain take a look at kSecClassGenericPassword and kSecClassInternetPassword. KeyChain object are stored in a dictionary so keys have to be unique but if you were two create two types of of key one generic and another internet password that would allow two passwords in one keychain – Shams Ahmed Jun 14 '13 at 11:19