Encryption will give you some security. The problem is your program would also have to decrypt the password, which means it must have the key stored in it somewhere. This will make it vulnerable to reverse-engineering. A better approach is to use an one-way function (such as a hash) on the password and store that hash value. When a user enters a password, you then apply the one-way function to the password and compare the result to the stored value. In this manner, the password cannot be compromised (well, there's always a dictionary attack, but that's a matter of password strength).
Instead of using NSUserDefaults, you would be better off using iOS Keychain Services. It's main purpose is to securely store user credentials. Apple has already done all the hard work for you. Take advantage of it.
1804
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
