How can I protect username and password saved in preferences?
Some sample code would be nice.
Asked
Active
Viewed 148 times
0
-
2Who do you want to protect it from? If the user has root, no file is safe. If someone steals the phone, nothing you can do will make it perfectly safe, although encryption will make it cost more to get at. The best way to make it safe is to never store a password on disk, make the user re-enter it. – Gabe Sechan Jun 05 '14 at 13:57
-
I'd like you to read this http://stackoverflow.com/a/20560574/730807 – Durai Amuthan.H Nov 27 '14 at 22:42
3 Answers
1
If you store passwords in plain text in an SQLite database or shared preferences, someone with root access might see them. Encrypting credentials prior to saving them locally would be safer, but still not perfect if someone reverse-engineers your app and gets the encryption key.
Have a look at the AccountManager. Also, this post might help you.
If you find that too complicated for your purpose, at least encrypt passwords before storing them into SharedPreferences! You can find more information, explanation and code here, too.
Community
- 1
- 1
Blacklight
- 3,809
- 2
- 33
- 39
0
ACtually shared prefrence data store in your application memory and no other app can access that so beware of this
Digvesh Patel
- 6,503
- 1
- 20
- 34
-
so I don't have to protect them? I really don't know anything about android protection and my professor don't explain at all that part but ask us to implement it in our app... do u know also some useful book with code? – Jun 05 '14 at 13:51
0
SharedPreferences sharedPreferences = MyApplication.getContext()
.getSharedPreferences(ApplicationConstants.SHARED_PREF_NAME,
Activity.MODE_PRIVATE);
Shared prefernces are stored under Android/data/data/yourApp on the internal file system of android and it's not accessible to other apps, so you can privately save data on shared preference
CodeWarrior
- 5,026
- 6
- 30
- 46