What is the best way to store confidential data like usernames, passwords, etc in an iOS application?
Apple provides the keychain for storing sensitive information.
https://developer.apple.com/library/ios/documentation/Security/Conceptual/keychainServConcepts/01introduction/introduction.html#//apple_ref/doc/uid/TP30000897
You should not use NSUserDefaults or CoreData unless you have provided some means of encrypting the content, and even so, you'll still need to manage and store encryption keys securely. The keychain provides all of this for you, and with iOS 8 you can now flag keychain items to require presence of a device passcode if desired.
Use Encryption for username and password and save in defaults.
The proper way: Don't.
The mobile phone is a very unsecure place to store information. If the security is #1 for you, you should not store sensitive information on the device.
You can use the default iOS security options, for example Keychain with CommonCrypto, or openssl, but your data never will be completely safe without a secure server component.
Keychain has it's very bad quality: It is as secure as the device's passcode.
Related
Is there a more secure container than NSUserDefaults for persisting shared data between an app and an extension?
As I understand it the contents are stored in plain text.
If you are looking for secure location to store data you should check out NSKeyChain
The keychain is a highly secure storage location for user names, passwords, logon tokens, secret keys, etc.
Apple preview KeychainWrapper class which allow you to access it easily, in very similar way you do with NSUserDefaults. Keychain is C api so it's fast.
I don't know your app requirements, but if you are planing to store lots of data DON'T use keychain.
In iOS application i have to make user's login safe and secure and user can login from different iPhones having same application downloaded. Application should work in offline too. So which method should i implement?
I searched and got RSA encryption in which there is private and public key method but i can't figure out how i implement it in application?whether i hold both keys in server and client side or who get which key? And how can i make only one key generation for every application downloaded? As data should roam securely between client server system.
Is there any other mechanism which i should consider implementing in my problem?
You don't need to perform any encryption. Just store the passwords in the keychain, which has stronger encryption than anything you could possibly implement — as it's integrated into the Secure Enclave which has no public API other than keychain and already uses RSA encryption, among other things to make it even stronger than just that alone.
If the user enables iCloud KeyChain syncing, then the password you store there will be synced across all their devices.
Your application will work offline.
If the user has a weak passcode to unlock their device, then the encryption will not be very good - it can probably be cracked in under an hour (although this information is old, and may not be valid for modern hardware). The best security practice is to disable "Simple Passcode" and use alphabetic characters + digits. It doesn't need to be as strong password, just something short and alphanumeric is fine (the iPhone is a special case, and handles weak passwords better than most security systems). If the user has a finger print scanner available, that can be used to avoid having to type their password in regularly. This is quite secure, contrary to early reports otherwise.
If the devise has no passcode at all, then there is no encryption and it is impossible to implement protection. In that case your only option is to store your secure data on a remote server, and never ever allow the device to access it. Or else just hope nobody steals the phone. Without a passcode/password, it is impossible to store anything securely on an iPhone.
It sounds like you want a single device that will be shared by many users? If that's the case you cannot store the password on the device. It is impossible to achieve security unless there is a passcode and the passcode must be secret, anybody who knows it will be able to bypass any encryption you implement.
As you know many apps use keychain to save user login name and password, but is it really safe? especially on device jail break mode. So another solution is to use Outh2 protocol to save those confidential infomation on server side which needs many changes on both client and server side (for my app).
How do you guys handle this tough issue? Anyone who knows please share and thanks in advance.
Keychain:
It has two level encryption options
lock screen passcode as the encryption key
key generated by and stored on the device)
But when the device is jailbroken its not safe too.
oAuth:
Eventhough you store credentials in server you'll have to save the OAuth TOKEN in client side there is no place better than keychain to store it in client side.So now comes possibility of extracting the TOKEN on jailbroken device.
As far as I know in most apps they use one of these approaches.
If you need those data to be very very secure.
Suggestions:
Store OAuth token in server not in client
Store the Encrypted Credentials in Keychain and store the encryption key in server.This approach would be easy for you since you said adopting OAuth is hard for you.
Note:
There are some open source libraries available which detects if the device you run or app is cracked if so you can take action like deactivating TOKEN,deleting critical resources,locking app etc.
How this app Keychain2Go get all the keychain on iPhone and delete them?
As what is said in Apple's document:
In iOS, an application always has access to its own keychain items and
does not have access to any other application’s items. The system
generates its own password for the keychain, and stores the key on the
device in such a way that it is not accessible to any application.
When a user backs up iPhone data, the keychain data is backed up but
the secrets in the keychain remain encrypted in the backup. The
keychain password is not included in the backup. Therefore, passwords
and other secrets stored in the keychain on the iPhone cannot be used
by someone who gains access to an iPhone backup. For this reason, it
is important to use the keychain on iPhone to store passwords and
other data (such as cookies) that can be used to log into secure web
sites.
But Keychain2Go really can. How?
As far as I understand from the documentation of Keychain2Go it provides all the secure information of your Mac in iOS device. So it does not have any ability to change the iOS keychain items.
On iOS
For the first time ever, you can now access your Macs keychain on your iOS Device. You get full access to your keys stored in Keychain2Go. Never again you fail to login to your web mail account when abroad and you forgot your password on the Mac at home.
Rather confused about this.
I'm storing the user's username and password inside Keychain in my app, does this constitute an encryption feature in accordance to the App Store Export Compliance? Or does this concern things like SSL?
Thanks
I submitted the app without ticking the box for encryption data and it was accepted. It seems that keychain does not effect this.