NSUserDefaults或钥匙串最好在iPhone应用程序中保存用户名和密码
[英]NSUserDefaults or keychain is better to save username and password in iPhone app
问题描述
In my iphone app there is some confidential data like username, password and some urls to a webservice. 
在我的iPhone应用程序中,有一些机密数据,例如用户名,密码和一些指向Web服务的URL。 Which one is better NSUserdefaults or keychain. NSUserdefaults或钥匙串哪个更好。 Somebody says NSUserdefaults is insecure. 有人说NSUserdefaults是不安全的。 Why it is insecure? 为什么不安全? and can any one give the pros and cons of each one. 并且任何人都可以给出各自的利弊。
5 个解决方案
解决方案1
16 已采纳 2012-09-21 06:51:15
NSUserDefaults is quite easy to use and stores one value per key only. NSUserDefaults非常易于使用,并且每个密钥仅存储一个值。 But apparently, it is not a very secure method, as there is no encryption. 但是显然,这不是一个非常安全的方法,因为没有加密。
But the Keychain is secure, though it is a bit hard to code. 但是钥匙串是安全的,尽管很难编码。 You can refer these link to use keychain access. 您可以参考这些链接以使用钥匙串访问。
http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code
you can also use this library deviced by Simon 您也可以使用Simon配备的此库
https://github.com/goosoftware/GSKeychain https://github.com/goosoftware/GSKeychain
I hope it helps you!! 希望对您有帮助!!
解决方案2
11 2015-05-12 08:53:20
可能会注意到,即使删除了应用程序,钥匙串数据也将保留,但NSUserDefaults数据将随应用程序消失(NSUserDefaults是应用程序沙箱的一部分,钥匙串是与应用程序无关的服务),这可能会很有用。
解决方案3
6 2012-09-21 06:47:19
Anything stored in NSUserDefaults can be (relatively) easily opened and read, whether on the device or in a (non-encrypted) backup to iCloud or to a sync'd Mac. 无论是在设备上还是在到iCloud或同步Mac的(非加密)备份中,存储在NSUserDefaults中的任何内容都可以(相对)轻松地打开和读取。
Keychain, on the other hand, is meant for stuff like certificates and passwords . 另一方面,钥匙串用于证书和密码之类的东西 。 I've linked an article titled "How Not To Store Passwords in iOS" which gives a bit more useful detail, as well. 我已经链接了一篇标题为“如何不在iOS中存储密码”的文章,该文章也提供了更多有用的信息。
解决方案4
0 2012-09-21 06:47:34
Keychain is way better solution, because it is more secure, but anyway, if you would save this kind of information into the NSUserDefaults, your users wouldn't feel any different. 钥匙串是一种更好的解决方案,因为它更安全,但是无论如何,如果将此类信息保存到NSUserDefaults中,您的用户不会有任何不同。 If someone would hack their device, they could get information from Keychain, the same as they would get information from UserDefaults. 如果有人入侵他们的设备,则他们可以从钥匙串中获取信息,就像从UserDefaults中获取信息一样。 So this question of security is rhetoric. 因此,这个安全性问题是夸张的。 But anyway, the good programming style is to save this data into the Keychain! 但是无论如何,好的编程风格是将这些数据保存到钥匙串中!
解决方案5
0 2012-09-21 06:52:09
I would recommend you to use Keychains. 我建议您使用钥匙串。 Using Keychain, you can store your password in encrypted form. 使用钥匙串,您可以以加密形式存储密码。 Take a look at Apple's GenericKeychain sample. 看一下Apple的GenericKeychain示例。
NSUserDefaults is a little less secure when compared with Keychain. 与钥匙串相比,NSUserDefaults的安全性要差一些。 In NSUserDefaults data can accessed easily if the specific key is known. 如果知道特定的密钥,则在NSUserDefaults中可以轻松访问数据。 This is not the case in Keychain. 钥匙串中不是这种情况。
You can also convert NSUserDefaults to Keychains. 您也可以将NSUserDefaults转换为钥匙串。 Take a look here . 在这里 看看 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.