1

I am new in android development. recently I've developed an android app, that accesses my FTP server by entering the required user-name and password. and i want to publish this app on Google play store. but some of my android developer friends told me that these .apk files can easily be cracked and if it does, all my data on FTP will be hacked, and I'll be GONE !

Can anyone please provide me a possible solution to either hide my username and password from hackers ? or any other alternative solution of accessing my FTP server ?

Anum Sheraz
  • 2,383
  • 1
  • 29
  • 54

1 Answers1

4

You had better not include the username and password in your app code (apk).

Your apk itself can be cracked anyway, and that is not avoidable. So if you don't embed your username/password in your app, you will not be stolen your username/password and you can keep your FTP server secure.

Username and password should be input manually at runtime after app's installation. Of course, once user has input username/password manually, to keep these inputs in sharedpreferences may be ok.

hata
  • 11,633
  • 6
  • 46
  • 69
  • yes but thats not what i want. I don't want anyone (user of the app) to know my FTP username and password, then obviously i will not allow them to manually input the user-name and password. – Anum Sheraz Sep 10 '15 at 06:47
  • @AnumSheraz You also want to hide from your own user not only from hackers? That is to hide username/password from anybody other than yourself. While your app knows these. I don't think they can co-exist. You should have an Anonymous FTP sever and control access by administing it. – hata Sep 10 '15 at 07:56
  • and you can do you release code and development code using Build variants in android studio when using user name and pass have to use in dev version – mahmoud Zahran Apr 01 '21 at 09:58