0

How can I securely save user password on CloudKit.

Im developing an app which requires a custom login. I have a separate RecordType for my users called CustomUsers. Each record in CustomUsers have a email and password key. How can I safely save the password to the server and get it back during login?

I tried to use CryptoSwift. But I have no idea on how to handle this.

Abbin Varghese
  • 95
  • 3
  • 1
    This doesn't seem to have anything to do with CloudKit. You seem to have a more general question of how to properly store a password. The location is largely irrelevant. – rmaddy Apr 21 '17 at 17:29

1 Answers1

0

Here is a SO answer to that question.

How to crypt string to sha1 with Swift?

What you do is encrypt your password and store that. Then when you want to check it, your user types in his password, you encrypt it again and check to see if the two match. This article explains the principle.

http://www.movable-type.co.uk/scripts/sha256.html

But ... beware this isn't the best option sha1 has been shown to be vulnerable. http://www.pcworld.com/article/3173791/security/stop-using-sha1-it-s-now-completely-unsafe.html

Better use sha256! which you can implement with this code.

SHA256 in swift

Community
  • 1
  • 1
user3069232
  • 8,587
  • 7
  • 46
  • 87