In my xamarin application there is the option to create a user. Now that i have my associated domains setup properly, iOS prompts the user with the question if he wants to use a strong password for his account and to store it in his key chain. This is not build in the app, but some iOS feature. Now i have the problem that after registering with a strong password, the password is not save in the keychain nor does it prompt when the user want to login. Problem is, the user does not know its password and cannot login after he logged out. I have this on all iOS devices in testflight and in the live application.
What could be the problem, or can someone guide me in a direction where i could find an answer?
I tried to tinker with some custom code (see below) to fix the problem, or get the password stored in the keychain.
if (!NSUserDefaults.StandardUserDefaults.BoolForKey("FirstLaunch"))
{
// Delete the keychain items on first launch so after a reinstall the key is gone
// Tried all sorts of combination of securityRecords
var securityRecords = new[] {
SecKind.GenericPassword,
//SecKind.Certificate,
//SecKind.Identity,
SecKind.InternetPassword,
//SecKind.Key
};
foreach (var recordKind in securityRecords)
{
SecRecord query = new SecRecord(recordKind);
// For now as a test disable this. So we can check if keychain password gets stored again. Not sure if first launch bool get correctly stored
//SecKeyChain.Remove(query);
}
// Mark that the app is first launched
NSUserDefaults.StandardUserDefaults.SetBool(true, "FirstLaunch");
NSUserDefaults.StandardUserDefaults.Synchronize();
}
So:
I fill in registration the form in my app, username manually
Auto generate password and repeat password by iOS (this is not a xamarin function)
save user account
Problems:
Password is not stored in key
login form does not popup asking if i want to use stored keychain data (which makes sense, there is nothing there) Hope this makes more sense
Related
I want my app to save username and password data e.g. at the first login or registration, so later when user tries to log in again it will be offered by the os to auto fill the form. So this is similar when app offers credentials saved in safari, but I also want my app to save this credentials if the login happens there. According to apple documentation I think it should be possible:
https://developer.apple.com/documentation/security/shared_web_credentials/managing_shared_credentials
If the user can create new accounts in your app, you should save the
user name and password to the shared web credentials. In this way, the
user can easily access the account from Safari, as well as from within
your app. You can save the user’s name and password to the shared web
credentials using the SecAddSharedWebCredential(::::) function as
shown.
However when I do this:
SecAddSharedWebCredential(domain as CFString, username as CFString, password as CFString) { error in
if let error = error {
print(error)
}
}
I get the following error printed out:
Error Domain=NSOSStatusErrorDomain Code=-909 "Autofill is not enabled in Safari settings" UserInfo={NSDescription=Autofill is not enabled in Safari settings}
You’ll certify who you are, via Apple, when you create your app, to prove the following:
That your app will be using the Associated Domains capability.
That your Team ID is, in fact, valid.
Check out this tutorial for help How To Secure Your App’s Passwords with Safari AutoFill in iOS 8
I am setting up iOS Autofill Password in my app, and I followed all the guidelines in this tutorial https://medium.com/developerinsider/ios12-password-autofill-automatic-strong-password-and-security-code-autofill-6e7db8da1810. If I have a manually saved password in the keychain for the app's website, it gives me the option to autofill it on login.
However, when the credentials are not saved, the app does not prompt me to save them on login.
My username and password textfields are with correct content types (just like in your tutorial), I have the apple-app-site-association file configured properly, and the associated domains as well.
I don't understand what I am missing.
You didn't put any log about that. But the AutoFill feature has some tricks that need attention as describe on Robots & Pencils and other question in stack overflow
One attention point if you update the apple-app-site-association remove the app from your device and install again because the app store the last version as a cache.
Verify the TEAM ID on apps in apple-app-site-association because many get confused with the signing id from your account.
Known issue:
[AutoFill] Cannot show Automatic Strong Passwords for app bundleID: app.bundle.id due to error: iCloud Keychain is disabled
Do you need check on your macOS on Internet Account -> iCloud -> Keychain is enabled and verify in your idevice if the feature is enabled on Settings -> Apple ID -> iCloud -> Keychain is On
In the other case if you followed the tutorial correctly it will be working
I had the same problem. In my case the issue was that I was clearing the username and password text fields after successful authentication before pushing my next view. Apple's heuristics seem to require the text fields with .username and .password content types to be populated when the view disappears.
I was having same problem. I did all the setup which recommended by Apple (https://developer.apple.com/documentation/security/password_autofill/about_the_password_autofill_workflow).I had few fields in between UserName and Password field on Signup Screen. But when I put Password field just next to UserName field then Apple popup to save password appearing.
I have the same problem, Because 3 textField in my viewController, usernameTextField,passwordTextField and authcodeTextField.Set passWordTextField.becomeFirstResponder() before release the controller, its work for me
I have an Username & password. I want to save it for an App. If app will deleted then username password will save for that app only, during reinstall the app it will work. If I instal the app in another devices then that user name password will be work.
For same thing I have some data. I want to save that for future. Means suppose I deleted the App and again reinstall the app again or instal the app in difference device then that data will be secure.
For this purpose I used iCloud, but its taking too much time for sync & sometimes its not working properly.
Please anybody can suggest me how can I doable with this above 2 problems ?
Note: I don't want to use web services. My app is without webservices.
Thanks in advanced.
iCloud
Store Private credential using iCloud
WebService
At first time, User install App, make one service to check using DeviceToken user Device is registered or Not.
if user device is registered then gives you username and password, otherwise Skip and display login page.
At login page you have to pass deviceToken, username and password thorough webservice.
Now you remove and again install app, Apps check using web service to passing DeviceToken, if user is login previous then give UserName and Password.
I want to use it in my Login screen. In detail, instead of asking user to enter Login Id and Password, I want user to go for Touch Id and if he/she is a device owner, then allow them to go inside app (Post Login screen).
My question is, if the user changes the password using a web application, then in this case touchId should fail. How can I achieve this?
You can use Touch ID to protect a password that is stored in the keychain. Once the keychain item is unlocked then present the username/password to your web site for verification. If verification fails then prompt the user to enter the password. Once the new password has been successfully verified then update the keychain item.
Download the iTunesConnect app for an example of this behaviour.
Sample code on using TouchID with Keychain is here - https://developer.apple.com/library/ios/samplecode/KeychainTouchID/Introduction/Intro.html
I've developed an app where in the entered username and password by user is saved using NSUserDefaults.
Any request from user for any service needs this username to be sent. So using NSUserDefaults I'm sending username for each request. Still the iPhone app is logging out without clicking the logout button and starts from the beginning asking for username and password.
As facebook app and others remains once logged in. Please let me know why the app is logging out frequently without clicking logout button.
Thanks in advance.
On launch check if there is a saved username and password, if so use them. When the user enters these save them.
You need to look at the page source from the server for the form request of the credentials, create the form response with the credentials and post it. This is doable and actually not very hard. On one project I did this for auto login and respond to many form requests so the user never saw them.
Do not use NSUserDefaults for credentials, it is not secure. Instead use the Keychain, it is secure.