iOS: How to store username/password within an app?
You should always use Keychain to store usernames and passwords, and since it's stored securely and only accessible to your app, there is no need to delete it when app quits (if that was your concern).
Apple provides sample code that stores, reads and deletes keychain items and here is how to use the keychain wrapper class from that sample which greatly simplifies using Keychain.
Include Security.framework (in Xcode 3 right-click on frameworks folder and add existing framework. In Xcode 4 select your project, then select target, go to Build Phases tab and click + under Link Binary With Files) and KeychainItemWrapper .h & .m files into your project, #import the .h file wherever you need to use keychain and then create an instance of this class:
KeychainItemWrapper *keychainItem = [[KeychainItemWrapper alloc] initWithIdentifier:@"YourAppLogin" accessGroup:nil];
(YourAppLogin can be anything you chose to call your Keychain item and you can have multiple items if required)
Then you can set the username and password using:
[keychainItem setObject:@"password you are saving" forKey:kSecValueData];
[keychainItem setObject:@"username you are saving" forKey:kSecAttrAccount];
Get them using:
NSString *password = [keychainItem objectForKey:kSecValueData];
NSString *username = [keychainItem objectForKey:kSecAttrAccount];
Or delete them using:
[keychainItem resetKeychainItem];
If you need an ARC version of the wrapper here is the link https://gist.github.com/1170641 Thanks to
A very easy solution via Keychains.
It's a simple wrapper for the system Keychain. Just add the SSKeychain.h
, SSKeychain.m
, SSKeychainQuery.h
and SSKeychainQuery.m
files to your project and add the Security.framework to your target.
To save a password:
[SSKeychain setPassword:@"AnyPassword" forService:@"AnyService" account:@"AnyUser"]
To retrieve a password:
NSString *password = [SSKeychain passwordForService:@"AnyService" account:@"AnyUser"];
Where setPassword
is what value you want saved and forService
is what variable you want it saved under and account is for what user/object the password and any other info is for.