23

I am new to objective C, I have created one application in that I have used both NSUserDefault and Keychain to store my user name and password. But I cant differentiate both. Please help to differentiate the both.

Thank you.

Meet Doshi
  • 4,241
  • 10
  • 40
  • 81
Ganapathy
  • 4,594
  • 5
  • 23
  • 41
  • 1
    This is a very obvious comment only to SIMPLIFY your understanding of keychain. Keychain and NSUserDefault are **very much alike**. For both you just do something like *set an objectforKey and then do ObjectForKey to read it* They both store hashes. Keychain and NSUserDefault will both be sandboxed but keychain won't be deallocated from memory even if you're app is uninstalled. It will still be there the next time you install. There is also a keychain for iCloud that works across multiple devices but that's a different story – mfaani Oct 10 '16 at 19:49

3 Answers3

26

A keychain is an encrypted container that holds passwords for multiple applications and secure services. Apple Inc. uses keychains as password management system in Mac OS and iOS.

NSUserDefaults Provides a way for application behavior customization based on user preferences. Belongs to the Foundation framework for Cocoa and Cocoa Touch.

I got this from Tag Information of NSUserdefaults and keychain

Community
  • 1
  • 1
Aravindhan
  • 15,608
  • 10
  • 56
  • 71
16

Addition: When we saved userName and Password. and Remove app from device.

In Keychain: UserName and Password still is there.

In NSUserDefaults: UserName and Password also remove from device with your app.

Linh Nguyen
  • 2,006
  • 1
  • 20
  • 16
15

Try to avoid saving data locally as much as possible.

Keychain- Keychain is safe & encrypted way to save small storage data like username, password etc. Beware keychain data can accessible from jailbroken devices . You can get Apple sample code from here.

Keychain Sharing- Enabling keychain sharing allows your app to share passwords in the keychain with other apps developed by your team. Suppose we created two apps where users can log into the same account. It would be nice to have ability to share the login information between these apps. This way the user will only need to log in once in one of the apps.

UserDefaults An interface to the user's defaults database, where you store key-value pairs persistently across invocations of your app on a given device. UserDefaults are not secure way to save private data. UserDefaults are stored as plist locally, Anyone can track in ./Library/Preferences/com.mycompany.MyAppName.plist

Jack
  • 13,571
  • 6
  • 76
  • 98
  • What is your justification behind recommending avoiding saving data locally as much as possible? What is the alternative, storing data in the cloud? Is sensitive data safer on cloud services than it is on a local iOS device? – Eugene May 01 '19 at 19:43
  • @Eugene Data is nowhere safe. Its all about how much security layer we provide. At minimum you should check encryption techniques. However hardcoded(local copy) is easy to track i have already explained in answer itself :) – Jack May 01 '19 at 23:02