May be it will be a too startup question.
We have developed an iPhone application and its uploaded in the Appstore. We have our own login mechanism, facabook login, and twitter login. Our users reporting an issue that, when the app is started and the iphone device is restarted (switched off), the application is also logged out. And users needs to login again. We have checked Facebook app. It keeps logged in when the device is restarted (switched off). We also want to do like that. Can you have suggest mechanism to do like that.
Store the Username and password in the keychain. When the app starts up, then grab the username and password from the keychain and execute the method for login.
John
You can can Store your acessToken (facebook) with NSUserDefaults, CoreData or FileSystem. I will not suggest you to save your login/password inside your app. If you need to do this, its better save data user(name,address,celphone...) but not the access, like login/password. Its more safe. Of course, you can use KeyChain, but will each in what are you thinking doing with the app.
NSUserDefaults
Save string to the NSUserDefaults?
File System - apple guide
http://developer.apple.com/library/mac/#documentation/FileManagement/Conceptual/FileSystemProgrammingGUide/FileSystemOverview/FileSystemOverview.html
Core Data
Save and Load Data - CoreData
Related
In my iPhone/iPad app's use case, there is a voting system and one device can send its vote once to the server. Therefore my server needs to identify user's device. I don't want the user to register an account because that makes the app complicate. However, I couldn't find a solution that works.
UDID is deprecated
I presume getting MAC address will get your app rejected by the app review process
I tried creating my own UUID using [[NSUUID UUID] UUIDString] and then storing it using NSUserDefaults, but the settings disappear if the user uninstalls the app
identifierForVendor is also reset when the user uninstalls the app
I considered advertisingIdentifier but because I'm not using it for advertisement, I presume it will also be rejected by the app review process
I'm not asking for a bulletproof solution in every situation. Just a solution that works even if the user uninstalls the app. Because I can generate my own UUID, I guess my question boils down to: How I can save data for the app that survives app uninstallation?
However if any of you have other approach, please feel free to inform me. Thanks.
Save the UUID into the keychain.
I developed an iPhone app. User need to log in to update their credentials. I'm using iOS Keychain feature to store the username and password. So, next time user launch the app user will be logged in. I would like to add remember me feature in my app. So, user will have an option to check the remember me or not.
My question is if the user don't want to remember his credentials, when I'm suppose to clear the keychain? How do I know if the app is closing/shutdown?
– applicationWillResignActive:
– applicationDidEnterBackground:
These two methods are called depending on the situation when the app enters background.(sleep button/phone call etc).
You can look it up in the docs.
https://developer.apple.com/library/IOs/#documentation/UIKit/Reference/UIApplicationDelegate_Protocol/Reference/Reference.html#//apple_ref/occ/intf/UIApplicationDelegate
You meed to write the login credentials to application preferences.
(Here is how to read write to iPhone app preference)
http://knol.google.com/k/iphone-sdk-application-preferences#
Also here is how to read default preferences
http://www.redcodelabs.com/2009/07/read-iphone-preferences/
Here is my situation...
I want my password to be encrypted and at the same time I want it to be in iPhone settings (by adding resource and accessing it through NSUserDefaults), but i think NSUserDefaults saves the password or information in plane text and iPhone takes care of everything in its Settings app if there is any change or whatever.
How could I make sure that information that I see in the Settings is coming from and going back to Keychain but before that, Is it possible? If not any other way? May be writing encrypted file?
I DO NOT want settings to be in my app.
thank you
us
The Keychain service cannot be invoked from within Settings, you need to do this within your app. It is good practice to ask users for their password within your app in a login page or UIAlertView at least (like the App Store does).
From the user's point of view, they don't want to have to launch Settings, enter their password, and then launch your app to log in, they want to do it all in one place.
What is the best/most secure way for my iPhone app to remember Username and Password credentials, so that the user will not have to reenter them every time they use my app? (My app will be logging in to a server using these credentials and returning some data).
Thanks!
The best place would be the keychain. It is automatically encrypted and backed up. However, on older iOS versions, the backup would not be accessible after a restore. See the Keychain Services Programming Guide and Keychain Services Reference.
Try this SFHFKeychainUtils https://github.com/ldandersen/scifihifi-iphone/tree/master/security
It's drop dead simple and works like NSUserDefaults
There are two ways to store user/pass.
keychain api
NSUserDefaults
To learn more about it,open the iOS developer library on http://developer.apple.com
is it possible to get the user's information, such as apple ID, through the sdk? I am writing an app which will require an account linked to the app user. I want to allow the user to have one account across multiple devices, so using the device ID is not possible. The easiest way to do this, I am thinking, is to use the app user's apple ID as this account's ID, so not requiring them to create yet another account.
No, it's a privacy issue, just like their phone number.
They'd still have to create an account on your site since you don't have access to Apple's databases, and no one will be willing to give you their iTunes passwords for obvious reasons.
All you're really saving is them entering a user name, since they'd still have to give you a password. It's very easy to remember this data for future runs of your application. Look into using NSUserDefaults. I would recommend against using the UDID and give the user the option to save their password. That way if the phone is lost, whoever finds it doesn't have automatic access to the owner's account. If the user opts for automatic login, you can easily save the password and send it along with the username when the app loads.
It's not (AFAIK) possible. You can only retrieve the device's UDID.
What I've done in the past is link an account on my side with multiple UDIDs on the user's side, so when they install the app on various devices they can just use that single account and it will automatically link that device. Not ideal, but I've not seen a better solution.
If it is a game, you can use the Game Center Account to identify an user
Instead of the UDID for the device, you might try the [UIDevice currentDevice].identifierForVendor It is linked to the device and the app installation.
I am storing the username and encrypted password in a file that is stored in the user's application file space. When the app starts up, if it finds this file, it attempts a login without asking the user. Having a password, even encrypted, stored in the file system does seem insecure, but the application is not one where people are apt to try and steal passwords.