what is the better way to store credentials in android studio?

Question

I’m creating an android application that connects to my web-based application using WebView. After the user log’s in to my android application I use webview.postURL to send post data to my website so the user does not need to login again on my website. Now, I would like to implement an option “remember me” to save the user’s credentials in my android application. I’m currently using SharedPreferences to store user credential and I have read that storing users’ credential in SharedPreferences is risky as it is saved as clear text. The credential for this application is not shared to any other android application. It is only shared with my website.

Any suggestion would be appreciated.

Check https://stackoverflow.com/questions/1925486/android-storing-username-and-password — Raúl Salinas-Monteagudo, Mar 29 '19 at 10:40

score 0 · Answer 1 · answered Mar 29 '19 at 10:36

0

It is advised not to store any vital information in the android device such as passwords and usernames. However, a more ideal way to counter the problem you have is to implement a single sign on (similar to sessions in web development).

This kind of approach will ensure that user logs in once such that whenever they come back, they're logged in directly. Then the app only asks for credentials only if user logs out.

answered Mar 29 '19 at 10:36

Hulisani Mudimeli

390
4
8

Consider using tokens to remember user once they have logged out. – Hulisani Mudimeli Mar 29 '19 at 10:39

what is the better way to store credentials in android studio?

1 Answers1