Android App storing and calling Username and Passwords

Question

I have an application that I want to create a log in activity. Ive got 1) Login (Button) 2) UserID (EditText) 3) Password (EditText)

I would like to store the username and password on the device's internal storage. How do I create the file from which the SharedPreferences pulls from and encrypt it?

login_Button.setOnClickListener(new View.OnClickListener(){

        @Override
        public void onClick(View v) {

            SharedPreferences userDetails = getSharedPreferences("userdetails", MODE_PRIVATE);
            SharedPreferences.Editor edit = userDetails.edit();
            edit.clear();

            if(etUserID.getText().toString().equals("")){
                Toast.makeText(getApplicationContext(),"Please enter a User ID", Toast.LENGTH_LONG).show();
            }else if (etPassword.getText().toString().equals("")){
                Toast.makeText(getApplicationContext(),"Please enter a password", Toast.LENGTH_LONG).show();
            }else{
                edit.putString("userID", txtUID.getText().toString().trim());
                edit.putString("password", txtPass.getText().toString().trim());
                edit.commit();
            }



        }
    });

The txtUID and txtPass is showing up as red and when I delete it the system says that the getText is wrong.

This is my first shot at an authenticator. I found something called PasswordAuthentication from the android dev page but I haven't been able to find any tutorials or code of it being used.

SharedPreferences userDetails = getSharedPreferences("userdetails", MODE_PRIVATE);
    String UID = userDetails.getString("userID", "");
    String pass = userDetails.getString("password", "");

    if (userDetails.contains("userID")||userDetails.contains("password")){
        startActivity(new Intent(LogOn.this,CrimeMap.class));
    }

Sources Ive used for my research: http://developer.android.com/reference/java/net/PasswordAuthentication.html how to use getSharedPreferences in android

Update:

Ok, here is my updated code. If I don't enter a User ID or password it sets off my statements. However, the program doesn't go to the next activity when I put in the correct UserID and Password. I'm going to get it running first and then Ill move on to encrypting it.

@Override protected void onCreate(Bundle savedInstanceState){ super.onCreate(savedInstanceState); setContentView(R.layout.activity_log_on);

    etUserID = (EditText) findViewById(R.id.etUserID);
    etPassword = (EditText) findViewById(R.id.etPassword);
    login_Button = (Button) findViewById(R.id.bLogin);


    login_Button.setOnClickListener(new View.OnClickListener(){


        @Override
        public void onClick(View v) {

            int uid = 1155;
            String pass = "pass";

            SharedPreferences userDetails = getSharedPreferences(User_File, MODE_PRIVATE);
            SharedPreferences.Editor edit = userDetails.edit();

            edit.putInt("userID", uid);
            edit.putString("password", pass);
            edit.commit();


            if((etUserID.getText().toString().equals("")) || (etPassword.getText().toString().equals(""))) {
                Toast.makeText(getApplicationContext(),"Please enter a User ID", Toast.LENGTH_LONG).show();
            }else if (etPassword.getText().toString().equals("")){
                Toast.makeText(getApplicationContext(),"Please enter a password", Toast.LENGTH_LONG).show();
            }else{
                edit.putInt("userID", Integer.parseInt(etUserID.getText().toString()));
                edit.putString("password", etPassword.getText().toString());
            }



        }
    });

    SharedPreferences userDetails = getSharedPreferences(User_File, MODE_PRIVATE);

    if (userDetails.equals(etUserID) && (userDetails.equals(etPassword))){
        startActivity(new Intent(LogOn.this,CrimeMap.class));
    }

Update:

I finally got it! Thanks for your help! Here is my complete code for this portion of the project. I still haven't encrypted it but I think I'm going to take a break and come back to it later. Thanks for all your help!

     @Override
        public void onClick(View v) {

            int uid = 1155;
            String pass = "pass";

            SharedPreferences userDetails = getSharedPreferences(User_File, MODE_PRIVATE);
            SharedPreferences.Editor edit = userDetails.edit();

            edit.putInt("userID", uid);
            edit.putString("password", pass);
            edit.commit();


            if((etUserID.getText().toString().equals(""))){
                Toast.makeText(getApplicationContext(),"Please enter a User ID", Toast.LENGTH_LONG).show();
            }else if (etPassword.getText().toString().equals("")){
                Toast.makeText(getApplicationContext(),"Please enter a password", Toast.LENGTH_LONG).show();
            }else{
                String user_id = etUserID.getText().toString();
                int user_id2 = Integer.parseInt(user_id);
                String user_password = etPassword.getText().toString();

                int userID = userDetails.getInt("userID", 1);
                String password = userDetails.getString("password", "no name");

                if (userID == user_id2 && password.equals(user_password)){
                    startActivity(new Intent(LogOn.this,CrimeMap.class));
                }
            }

score 1 · Accepted Answer · edited May 23 '17 at 11:59

1

Don't try to access the file. Let android do that, and encrypt the data you store to the shared preferences. I mean:

  edit.putString("userID", encrypt(txtUID.getText().toString().trim()));
  edit.putString("password", encrypt(txtPass.getText().toString().trim()));

You can use whatever encryption you like, though of course you'll need to decode it this way.

Another option is to store the SHA1 encrypted password, and in the authentication you compare the SHA1 encypted password that was typed in with the stored string. You could use http://mvnrepository.com/artifact/commons-codec/commons-codec for example:

String sha1Password = DigestUtils.sha1Hex(password);
edit.putString("sha1Password", encrypt(sha1Password);

To fix the "red" problem you'll need to declare txtUID, txtPass. They should be added to your layout somehow. Probably via editing the layout xml. But even programmatically you can do, like: Input text dialog Android

edited May 23 '17 at 11:59

Community

1
1

answered Jan 27 '16 at 20:09

Gavriel

18,880
12
68
105

Do you access the shared preferences directly in order to create the file holding the username and password? Right now I'm looking at "parse" and sharedpreferences. Is "parse" even used by software companies? Source: http://parse.com/ – F0xcr4f7 Jan 28 '16 at 03:33
1. no, the above code you have already does take care of the storage. 2. I don't understand the question about parse. Yes it is used, they have a pricing for every use case, but how is that related to your original question at all? – Gavriel Jan 28 '16 at 06:26
sha1 is not an encryption algorithm. – njzk2 Jan 29 '16 at 18:39

Android App storing and calling Username and Passwords

1 Answers1