Android where to save personal data?
Question
我有一个两难的境地,我需要在我的Android设备上保存一些安全数据,这些数据是个人机柜的登录信息,所以请你给我一个建议,哪里更好地将这些信息保存到简单的txt文件中(但安全性如何? ?)或者Android平台中是否存在MySQL DB的模拟(以及我如何访问它)?
4 answers
solution1
3 2013-03-04 12:20:29
The best way to store personal data in Android application is using shared preferences with mode private, so that nobody can access that data other than your application. for more details see Android developers tips about shared preferences here.
solution2
2 2013-03-04 11:56:58
You can save the simple txt file into your application directory. In General, Android assigns each application a unique uid. Each application has its own application directory with mode 660. So other application cannot access its content. To write your own application directory, you can use the following code:
String filename = "myfile";
String string = "Your security content";
FileOutputStream outputStream;
try {
outputStream = openFileOutput(filename, Context.MODE_PRIVATE);
string = encrypt(string);
outputStream.write(string.getBytes());
outputStream.close();
} catch (Exception e) {
e.printStackTrace();
}
However, if the target device is a rooted device, other application can access your file. So a better approach is to encrypt your data, and save it into the application directory.
For a database approach, it has the same problem, you can define your own content provider without exporting it out, but it is still vulnerable on a rooted device. So whatever you choose, writing txt file or storing it on DB, encrypt it first is necessary.
solution3
1 2013-03-04 11:53:52
AFAIK you cannot run MySQL on a android device but you can use SQLite ( tutorial ). You could even try using SQLCipher to store it in a encrypted database. Although I'm told it's not too hard to extract the access key from your APK.
When you store you password, make sure you encrypt it (even if you are encrypting the database). Storing passwords as plain text is rarely a good idea ;)
Whatever you do, do NOT store it in a text file!
solution4
0 2013-03-04 11:56:03
You could store the details in the SQLdb on android but save all the form details using encryption and just persist the strings.
You can see in the answer below an example of someone doing this exact same technique and using the phoneId for the encryption (although I'm not sure how safe that really is).
Is it safe to store username + passwords in a local SQLite db in Android?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.