On the iPhone, not including jail-broken phones, can other apps read the values you've set using NSUserDefaults? I'm considering saving the customer's userid/password for our service and want to make sure it is secure.
Asked
Active
Viewed 952 times
10
-
Good question. I don't know that off the top of my head and I should. – TechZen Dec 08 '09 at 18:08
-
4Regardless of whether they can or not, you shouldn't be storing the password in plaintext. – Anon. Dec 08 '09 at 18:10
3 Answers
9
No, other applications cannot see your data. That said, you should probably consider using the keychain on the iPhone to store sensitive data like usernames and passwords.
Paul Wagland
- 27,756
- 10
- 52
- 74
1
No, applications are sandboxed. This includes their own directory for preferences and user data.
monowerker
- 2,951
- 1
- 25
- 23
-
1Ah, the folly of a missing comma. I think you mean, "No, applications are sandboxed". – Alan Zeino Jan 25 '11 at 05:19
-2
First of all, you should be saving userid/password in the keychain, not the user defaults.
Secondly, yes, other applications can read the NSUserDefaults. The defaults are unix style user defaults not application defaults. Under the old NextStep OS, an individual users defaults would follow them from networked machine to networked machine. The idea is that users have preferences for things like default fonts that all applications should use.
The iPhone inherited that by being a slimmed down version of MacOS X. I am not sure how thorough the sandboxing on iPhone apps is that regard. It might be possible to worm a way through the system if you knew the proper keys for domains and values.
Certainly, Apple strongly discourages keeping any sensitive information in the user defaults.
TechZen
- 64,370
- 15
- 118
- 145