how about to use secure storage to store the user username and password in flutter
Question
I am using flutter to write an app, now I want to use secure storage to store the username/passowrd like this:
SecureStorageUtil.putString("password", password);
is it a good practice? Or never store the user password in the client app? I already searching from Google but no one talk about it. And this is the SecureStorageUtil :
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
class SecureStorageUtil{
static FlutterSecureStorage _preferences = FlutterSecureStorage();
static Future<String?> getString (String key, {String defValue = ''}) {
return _preferences.read(key:key) ;
}
static Future<void> putString(String key, String value) {
return _preferences.write(key:key, value:value);
}
static Future<void> delString(String key) {
return _preferences.delete(key:key);
}
}
2 answers
solution1
2 ACCPTED 2022-03-17 16:56:44
As the docs say
- Keychain is used for iOS
- AES encryption is used for Android. AES secret key is encrypted with RSA and RSA key is stored in KeyStore
Keystore is managed by the system, and the will be secure. You may use this if saving the password is important. However, its always recommended not to store passwords on the client-side, instead, save some Auth keys like JWT token, etc. to authenticate users.
solution2
-1 2022-03-17 18:15:54
There is a package named SharePreferences that will allow you to store anything on both platforms ios and android and it did not have any kind of issue. I recommend that package. I hope that will work. And the second thing is storing password. If the user have an option in the app like Remember Me then it is useful to store the username and the password.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.