Storing multiple username and passwords credential in keychain - ios

I'm creating an application that requires the user to log in, I've read that it's a bad idea to use NSUserDefaults so I want to go with either storing the data inside a sqlite database or use keychain access. My app will show data based on what user is logged in from that device, so if two people have an account with me they can log in from the same device and it shows the data pertaining to their log in. Is it possible to store multiple log in credentials with keychain or should I go with an sqlite database so that I can properly connect it to the data pertaining to that log in? If keychain is the best way can someone point me to a demo that lets you store multiple users in the keychain.
Update
The reason I need to store multiple user/pass in the keychain is because after they log in they are required to create a four digit pin to use within the app. As of now if someone else logs in it uses the previous pin instead of asking for the user to create a new one. Should I add an if statement to check if the user is in the keychain and if they are not there call the pincontroller? Using the keychain how can I tell which pin belongs to which user?

iOS provides a very secure way to do this via the keychain. It's really the only way to store this type of information so I strongly recommend against rolling your own solution.
If you want to access the keychain you can use one of the many libraries available for this. Here are two:
https://github.com/soffes/sskeychain
https://github.com/secondgear/SGKeychain
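
How the per-user PIN from the question can be keyed in the keychain, as an added example that is not part of the original answer and does not use either library above: each user gets a separate generic-password item distinguished by `kSecAttrAccount`. The service name `com.example.myapp.pin` and the function names are assumptions made for illustration.

```swift
import Foundation
import Security

// Hypothetical service name; one keychain item per username lives under it.
let pinService = "com.example.myapp.pin"

enum KeychainError: Error { case unexpectedStatus(OSStatus) }

// Attributes that identify exactly one user's item.
func pinQuery(for username: String) -> [String: Any] {
    return [kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: pinService,
            kSecAttrAccount as String: username]
}

// Create the item for this user, or overwrite it if one already exists.
func savePIN(_ pin: String, for username: String) throws {
    let data = Data(pin.utf8)
    var attrs = pinQuery(for: username)
    attrs[kSecValueData as String] = data
    // Readable only while the device is unlocked; never migrates to another device.
    attrs[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly
    var status = SecItemAdd(attrs as CFDictionary, nil)
    if status == errSecDuplicateItem {
        let update: [String: Any] = [kSecValueData as String: data]
        status = SecItemUpdate(pinQuery(for: username) as CFDictionary,
                               update as CFDictionary)
    }
    guard status == errSecSuccess else { throw KeychainError.unexpectedStatus(status) }
}

// Returns nil when this user has no PIN yet: the cue to show the PIN setup screen.
func loadPIN(for username: String) throws -> String? {
    var query = pinQuery(for: username)
    query[kSecReturnData as String] = true
    query[kSecMatchLimit as String] = kSecMatchLimitOne
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    if status == errSecItemNotFound { return nil }
    guard status == errSecSuccess, let data = result as? Data else {
        throw KeychainError.unexpectedStatus(status)
    }
    return String(data: data, encoding: .utf8)
}
```

After a successful login, `try loadPIN(for: username) == nil` tells the app that this particular user still has to create a PIN, regardless of which other users already have one on the device.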

Related

iOS Firebase Database Security. Create New App User: Checking for Existence of Username

I have an iOS app where all user and data functionality is handled through firebase. For all required firebase functions, we have set the rights on firebase set such that they are secure (i.e., everyone can only read/write the parts of the database that are relevant to them).
Now, in the “create new user” screen of my app, obviously no user is signed in yet, but I would like to check for availability of the desired email address and username.
How can I conduct the check without making a list of all email addresses and usernames openly accessible in the database (i.e., setting the rights such that everyone can read them).
Keeping an openly accessible list of usernames in the database in my view is a security risk. On the other hand of course no user is signed in when on the “create user” screen, so I don’t know how to restrict the access.
Thanks.
There are many ways around this. Here are a couple suggestions:
Sign the user in anonymously before choosing a username. This would then give them the access you're looking for without making the data public. Then, when the user creates an account, the anonymous account can be converted, as shown in the documentation.
Use an HTTP-triggered Cloud Function, passing the username the user wants to try as a query. Inside the function, check the database for the existence of the username, and then respond to the HTTP call accordingly.
I'd probably do the former because it'll return a quicker response. Cloud Functions can take time to spin up if they haven't run for a while.

Is it possible to create some sort of hash/key from the user's fingerprint?

I would like to create an app, which uses a hash or key from TouchID as an ID or password, and put this hash/key into my own database.
So if the user would log in to my app from another device, with their login credentials and fingerprint, it would still recognize them.
In short, Apple doesn't provide access to fingerprint data.
And it can't be used to match against other fingerprint databases.
Read more in an Apple support article on TouchID.
Also see: Is it possible to get TouchID information and compare to a fingerprint database?

Storing password in the client side using Appcelerator - Design Approach

I am creating an application using Appcelerator wherein the user needs to enter the username and password to login. Once logged in, the user can enable TouchID for authentication. After logging out, the user can use the TouchID for authentication and use the application.
My flow is that once the username and password are provided, I store those two pieces of information in Keychain using the following module iOS Keychain Module. Then I use ti.touchid to authenticate the fingerprint, if success, then I retrieve the username and password from keychain and then send it over HTTPS web service call and login the user to the application.
My query is that, whether this is an acceptable approach.
I am not an iOS developer, nor do any ti or keychain terms mean anything to me at all. That's for a start and to reduce the number of down votes I might get.
In terms of security, I would suggest that you imagine obtaining that particular user's phone where you know you have some authentication credentials stored. Let's say I am a user of your app, already logged-in and have my credentials saved somewhere on my device, and you obtain this phone by stealing it from me.
Now, will you be able to access my account in any way? Will a hacker with access to the physical phone be able to retrieve any information stored in your Keychain storage?
If so, if you can think of any way to do so, then your approach is not valid.
I understand you want to save users some time by making sure they can login with just their fingerprint, which is a valid reason to think of such an approach, but you will have to think everything in terms of reverse engineering.
Additional recommendations would be using an on-the-fly hash to store information in the Keychain and making sure to check that before restoring the same. For example, user credentials saved on "home wifi" can be verified with your fingerprint only "at home" on the same wifi network where the same will be invalid on a different network.
i.e.
(keychainItem.x = y) is TRUE ONLY IF (something else)
where this (something else) is something that will prevent hackers from accessing the Keychain even if they have access to the device itself.
I do this myself when programming web applications with stored cookies. I for example use a stored cookie ONLY IF it is being accessed from the same IP it was saved from. Anytime that IP address changes, user will have to re-authenticate even if the cookie values are correct.
Hope this helps.
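
The flow from the question (a secret kept in the keychain and released only after a fingerprint match), as an added example that is not part of the original posts and uses the native Security framework rather than the Titanium modules: the item carries an access-control object, so the keychain itself requires the biometric check on every read instead of the app checking first and reading afterwards. The service name and function names are assumptions made for illustration.

```swift
import Foundation
import Security
import LocalAuthentication

// Hypothetical service name for the stored login secret.
let loginService = "com.example.myapp.login"

enum BiometricKeychainError: Error { case accessControl, status(OSStatus) }

// Store the secret so that every later read requires a biometric match.
func storeSecret(_ secret: Data, for username: String) throws {
    // .biometryCurrentSet invalidates the item when enrolled biometrics change;
    // WhenPasscodeSetThisDeviceOnly keeps it off backups and other devices.
    guard let access = SecAccessControlCreateWithFlags(
        nil, kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, .biometryCurrentSet, nil)
    else { throw BiometricKeychainError.accessControl }
    let base: [String: Any] = [kSecClass as String: kSecClassGenericPassword,
                               kSecAttrService as String: loginService,
                               kSecAttrAccount as String: username]
    _ = SecItemDelete(base as CFDictionary)   // replace any earlier item for this user
    var attrs = base
    attrs[kSecAttrAccessControl as String] = access
    attrs[kSecValueData as String] = secret
    let status = SecItemAdd(attrs as CFDictionary, nil)
    guard status == errSecSuccess else { throw BiometricKeychainError.status(status) }
}

// Reading shows the system biometric prompt; call this off the main thread.
func readSecret(for username: String, prompt: String) throws -> Data? {
    let context = LAContext()
    context.localizedReason = prompt
    let query: [String: Any] = [kSecClass as String: kSecClassGenericPassword,
                                kSecAttrService as String: loginService,
                                kSecAttrAccount as String: username,
                                kSecReturnData as String: true,
                                kSecMatchLimit as String: kSecMatchLimitOne,
                                kSecUseAuthenticationContext as String: context]
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    switch status {
    case errSecSuccess: return result as? Data
    case errSecItemNotFound: return nil   // no readable item stored for this user
    default: throw BiometricKeychainError.status(status)   // cancelled or failed auth
    }
}
```

Storing a server-issued token rather than the password itself keeps the reusable credential off the device.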

Best and most secure way to store data in SQLite on iOS

This is more of a design question than anything else.
I have an app that I am starting to migrate to have an offline mode. I am using SQLite with GRDB wrapper. Each time a user authenticates I download a set of user profile data i.e. user ID, date added, access level, profile image url, settings etc. I then store this information into a local SQLite table which matches the structure of the MYSQL online version.
I am also storing an auth token and password in the keychain and using these for all communications to the server (no user ID) after authentication.
My question is, once a user logs out should I drop the existing tables in SQLite therefore clearing all previous users data and start clean for the current user?
My concern is about the security of the information from the previous user being available if say, user1 logged in to the app on a friend's phone. Without clearing the information upon log out would this data be available to the new user? Obviously not through the app itself but through some other form of viewing the SQLite information.
All sensitive information i.e. passwords etc are stored in keychain.
I realise this could be an opinion-based question but that's what I am looking for, just some opinions on what you think COULD work best.
Thanks
If the iPhone is given or lent with all apps installed, the new owner may well be able to read the database filled with the previous owner's information. It's like lending your mac filled with your emails. So you may well have to reset the database when the user logs out, if it may contain sensitive information (and as soon as the user can write text or take pictures, it is potentially sensitive information). I have already written a chat app that does exactly that. Besides, thanks for using GRDB ;-)

IOS Keychain Service

I'm new to iOS development and programming, so please bear with me.
Correct me if I'm wrong but, conceptually, an app can access any items in the Keychain that are associated with the app. It is my understanding that hackers can manipulate the code of an application like "Jailbreaking" to do the hacker's bidding.
In that case, is it possible for the hacker to simply access all the elements of the Keychain by adding additional code?
For example, if my app is checking authorization by comparing the inputted value with the Keychain stored password, could the hacker simply modify the code to get the Keychain stored password? If so, how do you guard against this?
Yes. Anyway, you should be storing the password hash, not the password.
You cannot protect the user against themselves. It's their data. You can't keep them from reading their own data.
The alternative is to store data on your server instead of on the device.
