1

We are developing a multiple platform mobile application using Xamarin. We want to protect the database (SQLite) with at the very least a password to gain access to it.

We're not too concerned with our Windows Phone platform as the storage is protected so that only the application has access to it, but with the Android platform it can easily be lifted from the device and we'll be developing an iPhone version soon.

We use Xamarin which integrates with .NET and allows us to share the business logic across all platforms but requires the UI to be written separately for each platform.

As of present, September 2014, what would be the best way to password protect the database.
What is the recommended approach?

UPDATE:

Currently Xamarin points to using one of these 2 methods:

http://developer.xamarin.com/recipes/ios/data/sqlite/

We currently use SQLite.NET, but as far as I can tell, neither will allow me to user the method: 

conn.setPassword()

Is this a limitation in the Android version of SQLite or just the access layer not exposing the functionality?

UPDATE 2: It seems the ADO.NET version does allow the set password functionality.

Thanks.

ligi
  • 39,001
  • 44
  • 144
  • 244
user625832
  • 41
  • 1
  • 6

1 Answers1

0

You can use Sqlite Encryption Extension or SQLCipher here and here respectively for encrypting your sqlite database for android. Also, look at this answer.

Please note that the sqlite database can be lifted from your device but only if the device has been rooted.

The best approach for securing data would be to store it remotely on some server and communicating via a secure connection.

Community
  • 1
  • 1
prasanjitDe
  • 179
  • 1
  • 7
  • Hi. Thanks for that. I had been looking around the various answers and looking at what can be done in Sqlite3. I came across that page. As we use Xamarin, I have looked at this page: http://developer.xamarin.com/recipes/ios/data/sqlite/. I was trying to find out if the SQLite3 conn.setPassword functionality would be supported which seems the easiest for our needs, but that doesn't appear to work on the Android version - either in the SQLite functionality or in the .NET layer calling down - the method doesn't exist. – user625832 Sep 22 '14 at 11:02