11

I need to maintain my log-in credential for throughout the app so, I have 3 options to maintain my log-in credentials...

1 key chain
2 NSUserDefaults
3 plist

Which one is best one to choose ? Is there any other way is there to store the log-in credentials?

Thanks in advance

Arun
  • 3,406
  • 4
  • 30
  • 55

2 Answers2

20

I'll suggest keychain for storing the login credentials due to the security feature it provides. The keychain services on iOS provide a means to securely store content such as passwords, keys, certificates, etc.

Sensitive data like passwords and keys should be stored in the Keychain. Apple's Keychain Services Programming Guide states that

"A keychain is an encrypted container that holds passwords for multiple applications and secure services. Keychains are secure storage containers, which means that when the keychain is locked, no one can access its protected contents".

Here is two nice tutorial for you.

  1. How Not to Store Passwords in iOS
  2. Using Keychain to Store Username and Password
  3. How to secure user data
Midhun MP
  • 103,496
  • 31
  • 153
  • 200
  • Hi thanks for your quick reply... but i have one doubt in that?... while storing in the key chain is the secure one but during the uninstalled state the key chain contains the password will not deleted then how i maintain that? – Arun Nov 20 '12 at 04:30
  • Even if the app has been deleted and the password is kept in the keychain, it is secure. There's no way of removing it from the keychain when the app is removed. If anything, the password will just persist until your app is reinstalled again. Nobody can access it or see it. – Jack Humphries Nov 20 '12 at 04:41
  • @Spynet: that will be one issue, you can overcome it using adding just one flag to your NSUSerDefault. When the application is running first check the bool. The bool indicates the password is saved to keychain. – Midhun MP Nov 20 '12 at 05:23
  • @MidhunMP what about when the Keychain is sync? or when user change his iCloud acc? the Keychain will change – onmyway133 Jul 29 '14 at 03:41
0

This link is intended to make using the Mac OSX and iOS Keychains as easy as NSUserDefaults.

It is a KVO-compliant Cocoa wrapper around the Mac OSX and iOS Keychains, and the model for this wrapper is NSUserDefaults, so the intent is that for the common cases you would normally want to call:

[NSUserDefaultsController sharedUserDefaultsController]

You should be able to call

[PDKeychainBindingsController sharedKeychainBindingsController]

And for the common cases you normally would have called:

[NSUserDefaults standardUserDefaults]

You should be able to call

[PDKeychainBindings sharedKeychainBindings]

There are a couple of differences between the implementations. First, this class is only valid for strings, because that's what the Keychain accepts, so the methods that take non-string objects (like arrays and dictionaries and the like) have been omitted from the class. Secondly, right now, only "immediate mode" is implemented, so you can't set a bunch of values and then call "save" to do only one write, and there's no "revert to saved values" functionality).