Mobile apps: Where to store web service login details

Keith Clarke keith.clarke at clarkeandclarke.co.uk
Thu Nov 10 06:47:24 EST 2011 

Thanks Gerry. The Android notes aren't so specific about whether the cache folder persists (and no library folder is currently supported) so I was taking 'documents' as the only generic option.

So, it seems that for iOS, the library is the safe, secure, encrypted and backed-up option, whereas for Android it may be cache or else documents - until/unless special folder support is extended. (Did I get that right?)   

Thanks also for the link to the article on encryption - though that will take a few read-troughs before I start to understand! :-)
   
On 10 Nov 2011, at 11:35, Gerry Orkin wrote:

> 
>> Thanks Andre, I did look at special folders but it appears the only location on iOS and Android with read/write access is the 'documents' special folder. 
> 
> The iOS release notes list these locations as valid for files:
> 
> home – the (unique) folder containing the application bundle and its associated data and folders
> 
> documents – the folder in which the application should store any document data (this folder is backed up by iTunes on sync)
> 
> cache – the folder in which the application should store any transient data that needs to be preserved between launches (this folder is not backed up by iTunes on sync)
> 
> library – the folder in which the application can store data of various types. In particular, data private to the application should be stored in a folder named with the app's bundle identifier inside library. (this folder is backed up by iTunes on sync).
> 
> temporary – the folder in which the application should store any temporary data that is not needed between launches (this folder is not backed up by iTunes on sync) 
> 
>> This seems a bit 'open' for login details - both in terms of accessibility and the potential for the file to be deleted.
> 
> Your app is sandboxed. Every iOS app that stores login details stores those details in one of the valid folders.
> 
>> 
>> Do I guess correctly that there is then additional LiveCode magic dust (that I haven't learned about yet) which can be applied to the files to protect / hide / encrypt them when in such a seemingly open folder? :-)
> 
> You files are encrypted (as I recently discovered). Check out this forum thread: http://forums.runrev.com/viewtopic.php?f=49&t=9468&sid=b17306c823b589abcc24e7954ce81884
> 
> 
> 
> Cheers
> 
> Gerry
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

More information about the use-livecode mailing list