Secure Storage

How secure is Storage Module for important data such as username and password. So far I have not seen any answer or solution to this problem. Sqlite more secure ?

Hi,

any kind of local storage should be considered insecure. You should never store a username and a password on device.

Thanks for the quick reply.

Remenber login data is very common function in mobile applications.

What approach take in this situation ?

If you’re looking for a properly secure local storage, you should consider using Android Keystore and Apple Keychain.

If you’re only building an authentication mechanism against an external API, you should consider an approach where you do not store username and password, but instead rely on sending those to the backend, then receiving a token and storing that instead. A popular implementation you’ve probably seen elsewhere is the OAuth2 protocol.

Hope this helps!