encrypt data in SharedPreferences

Simon picture Simon · Feb 5, 2011 · Viewed 36k times · Source

Im currently developing a framework for oAuth 1 and 2 access to webservices and my question is, how do i store sensitive data like an oAuth access key in a secure way? the problem with this keys is that some platforms like twitter use a permanent key and if someone would get access to this key he could do whatever he wants with the users twitter account..

so is it possible to automatically encrypt the data before it is stored in the shared preferences? Or is there a better way/place to store very important data?

UPDATE - ALSO READ: What is the most appropriate way to store user settings in Android application

Answer

Sveinung Kval Bakken picture Sveinung Kval Bakken · Jun 4, 2012

You can also have a look at this class I made for doing exactly this: https://github.com/sveinungkb/encrypted-userprefs

It uses AES instead of the deprecated and weak DES used in the other suggestion.