How to store sensitive data into java code for android development
Question
I am willing to use java email api for my android app. I got it from this link . But as mentioned here in the link, to use this api, I need to give my own email id and password in GmailSender as Plain Text . For this reason I am tensed about my password. If anyone decompile the apk file then he can easily get my email id and password. But I don't know how to store these sensitive data into my code safely. How can I do this?
Note: I am not willing to use any third party library to encrypt thses data
2 answers
solution1
0 2016-05-21 05:04:04
It is nearly impossible to completely protect your app from reversal engineering, especially without any third party library.
BUT instead you can create another e-mail, with a different password, and configure it to resend any email received to your official e-mail.
This way if anyone actually manage to reverse the code and get the password, they will only have access to this secondary and unimportant e-mail account. This should solve the problem.
More info about actually protecting the code here:
solution2
0 2017-03-04 09:20:07
You should obfuscate your password string before keeping it in your source code. You can:
- Do it manually, It can be take a time.
- Or use some automatic tools. If you don't want to use any third party library to encrypt these data, Bg+ Anti Decompiler/Obfuscator is a good choice for you. It works on java source code (not Java byte-code) so you will control everything
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.