Android - Where should we save username and password in device memory?

android passwords store username
Varundroid picture Varundroid · Nov 2, 2011 · Viewed 8.4k times · Source

What is a good practice to save username and password on device?

I have gone through many answers on Stackoverflow and now i am bit confused.

I am working on an email app and i want my user to feel absolutely safe while using it.

Some people suggest that we should encrypt it and save it in SharedPreference. Some suggest we shouldn't save it on device at all.

I just want user's details to be stored at safest place possible.

Any help, suggestions would be highly appreciated.

Thanks.

Answer

Kurtis Nusbaum picture Kurtis Nusbaum · Nov 2, 2011

You should save users credentials using the AbstractAccountAuthenticator class. Not only is this super secure, it also makes your app feel more integrated with android. Have you ever gone to the "Accounts" screen in your android setting and seen your Facebook, Twitter, and GMail accounts there? That's because they're using an AccountAuthenticator. Also, it allows you to associate URIs/ContentProviders with particular user accounts. To see a really comprehensive (but complicated) example of all this, checkout the SampleSyncAdapter example.

Related questions

How to switch between hide and view password

Is there a clever way to let the user switch between hide and view password in an android EditText? A number of PC based apps let the user do this.

Read More
Programmatically change input type of the EditText from PASSWORD to NORMAL & vice versa

In my application, I have an EditText whose default input type is set to android:inputType="textPassword" by deault. It has a CheckBox to its right, which is when checked, changes the input type of that EditText to NORMAL PLAIN …

Read More
Android EditText for password with android:hint

Just noticed that android:password has been deprecated, and we should be using android:inputType. Was experimenting with it by setting in my xml android:inputType="textPassword" Indeed it behaves like android:password="true" for EditText, but it seems that …

Read More