I am developing an application where i need to store and retrieve user data like (user name, password, url, domain name etc) using keychain. But i found there predefine keys available like, (kSecAttrAccount, kSecAttrDescription, kSecAttrComment, kSecValueData etc). Earlier i was using Plist to store thise information.
So can anyone help me, how to use keychain for storage.
I have gone through apple sample project that is only using for login and password.
Can i use dictionary (contain all user data) to setobject in keychain and get dictionary from it.
Thanks
I've created a very simple wrapper around the Keychain. It works very similar to NSDictionary with setValue and objectForKey methods.
https://github.com/reidmain/FDKeychain
Related
I am currently using Cloud Firestore for my iOS app, which allows users to store their expenses to the database, but in order to secure privacy, is there any way I can make sure that I can't read the data that they are inputing into the database. While the queries and all still work, I or any admin isn't able to see what users have put into their database?
No such feature exists. Admin access through the console and the Admin SDK is able to read all collections and documents all the time.
As #Frank van Puffelen suggested:
Obfuscating the data through encryption, will prevent any unwanted eyes from viewing any information. This will add to your workload since you will need to perform the encryption and decryption at either end of the app (client and server).
I believe, you could take advantage of firebase's cloud code, to minimise the amount of code execution performed on the device, but I have never tried this, so am unable to confirm.
As far as an encryption key, you have a few options:
The user's password: This is one way of ensuring the encryption without revealing the key to any admin, since passwords in firebase are already obfuscated from any viewer. The only issue would be that a user would be locked into a password, as changing it would prevent decryption.
Store locally: You could store the key locally on the device, which would mean that the user could enter a key, or have one auto-generate, upon launching the app for the first time. You would then store this in the app's default key storage, and retrieve when required. Whilst, I believe this to be the safest, it means that your app could not be used across iCloud devices, since the key would be stored locally.
Finally, is CloudKit, which allows you to store data in the cloud. This is private, and only accessible to the user's cloud devices.
I realise that there is no code in this example, I am not currently at my desk, for which I am sorry for, if anyone else would like to edit with some code examples, I would be grateful.
I hope this helps.
I'm building a web application and would like to access data that is stored on the iCloud. Not just app data, but data like contacts, messages, etc.
There's very little information on the Internet about retrieving this data and so far I have been unsuccessful. Is there anyway I can access iCloud using an API call and download an entire backup and then sort through the data?
I appreciate any help.
As far as I know, NSURLCredentialStorage is just a wrapper for the keychain services with a more convenient API. Which is why I'd like to use it. But I also want to take advantage of the Data Protection feature kSecAttrAccessibleWhenUnlockedThisDeviceOnly that keychain offers.
Is there a way to set this attribute when using NSURLCredentialStorage to store credentials?
Turns out the answer is Yes, kind of. I looked into the keychain item that NSURLCredentialStorage created. It is of the class kSecClassInternetPassword and has the access key kSecAttrAccessible set to "ak", which is kSecAttrAccessibleWhenUnlocked. So the password is not decrypted while the device is locked.
The only downside is that NSURLCredentialStorage doesn't offer a way to change that to kSecAttrAccessibleWhenUnlockedThisDeviceOnly to get an additional level of security for your backed-up data. You could only change that attribute manually on the keychain item using the lower level keychain APIs (i.e. SecItemUpdate).
I am looking for the best way to do a One Time Login for my iPhone application. Using iOS 5.1.1 SDK but targeting iOS 4.1 for deployment.
Its purpose is to fetch a generated ID: if an ID exists then I don't need to login anymore, the ID will be returned in XML.
My application is an extension to a current web based service, it involves asynchronous HTTP POSTs on location updates with an ID as an identifier and checking the XML returned for any errors. The ID does not expire. It is a single view application as it just requires a start/stop button.
The username for the web service never changes so I just want to fetch the ID once off, there is no benefit or security risk if a person was to hack things and get the id due to the nature of the service and the application providing no information on the user. The process I would like goes as follows.
Application launched.
Do we have an ID stored? (yes/no)
If yes go into application.
If no present username/password screen to get ID.
On entering username/password, password is encrypted, sent to the server for verification, if yes then an id is returned and stored.
The username/password would be two inputs and a login button.
What would be the best way to go about this? I really don’t know what direction to follow here.
What I would recommend doing is using iOS's Keychain to store the ID of the user. You can never be too safe, Example usage can be found here GenericKeychain alternatively theres numerous easy to use wrappers to accomplish this.
If you really dont care for security, NSUserDefaults works for storage.
Also, I would suggest utilizing iCloud Document storage to make this ID persistent for all the user(s) devices. You can refer to this thread for more info.
Hope all that I suggested helped with your question !
UPDATE: For anyone else who finds this answer useful. As #sandmanza mentioned, be sure to include the Security.framework, if you go the Keychain route.
You can save ID in NSUserDefault and upon launching the app, you can retrieve ID from NSUserDefault and check whether ID is present or not, and based on that you can proceed further.
I have an iPhone application that requires the user to login(username, password).
I currently store the credentials of the last succesful login and fill the textfields the next time the user launches the app.
Alot of the times though the user may have more than one account and I now need to implement something to store login credentials for more accounts.
How would you suggest that I do that? I looked around but I couldn't find anything related to this.
NSUserDefaults or Storing into sqllite or Storing into a plist are on of the ways of storing persistent data. But they are not secure. I will recommend Key Chain Access for storing secure data.
This link provides a apple sample code which uses key chain Access
http://developer.apple.com/library/ios/#samplecode/GenericKeychain/Introduction/Intro.html#//apple_ref/doc/uid/DTS40007797-Intro-DontLinkElementID_2
But one disadvantage is you cant test this in simulator it works only on device i think.
You can also add multiple items to the keychain.
Look NSUserDefaults at the documentation.
Maybe this tuto can help you : http://icodeblog.com/2008/10/03/iphone-programming-tutorial-savingretrieving-data-using-nsuserdefaults/
Try with CoreData...