[英]Does saving username and password to a flat file with in an android app makes it less secure?
I understand that each app runs within its own sandbox. 我了解每个应用程序都在自己的沙箱中运行。
If that is the case, is it safe to save credentials in a flat file? 如果是这样,将凭据保存在平面文件中是否安全?
Apart from saving it in the database or over the network what are other options in saving credentials in an app? 除了将其保存在数据库中或通过网络保存以外,在应用程序中保存凭据还有哪些其他选择?
SharedPreferences is also a flat file and isn't really save. SharedPreferences也是一个平面文件,并没有真正保存。 Everyone with root access can read SharedPreferences.
具有root访问权限的每个人都可以读取SharedPreferences。 Location:
位置:
/data/data/package_name/shared_prefs
You should never store user credentials. 您永远不应存储用户凭据。 You should store some kind of server access tokens.
您应该存储某种服务器访问令牌。
您可以将应用程序凭据存储在android应用程序的SharedPreferences
中,而不是存储在平面文件中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.