stackoom
  简体   繁体   中英

Secure method of saving credentials in Android

 原文  2017-11-16 15:25:50       android/ login/ sharedpreferences/ accountmanager/ android-security

Question

I'm developing an Android app. For authentication the user needs to enter the user name and password and the server returns an expiring authentication token.

Currently I'm saving the token but not the credentials. What is the preferred safest method to save the credentials locally so that when the token authentication fails I can re-login the user using the saved credentials in the background without having the user to enter their credentials again.

I'm aware of saving data using SharedPreferences. But are they really secure? Can I use AccountManager for this purpose?

1 answers

solution1
 0  2017-11-16 15:38:32

Having a background service that when the token expires would login the user again automatically would not be very secure.

Is it not possible to make the expiry time of the told longer? As saving the credentials and trying to login periodically would not be very secure.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to secure service account credentials in an Android application? How to secure AWS Credentials in Android app? Secure application credentials in iOS and android mobile application? Saving Credentials in Android / jQuery Mobile App Saving user credentials from google sign in with Android? Is there a method in facebook API for Android to handle incorrect credentials? Saving credentials with sharedpreferences Saving login credentials in device Saving user credentials on login Saving user credentials
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM