Save Passwords in Secure Storage in your Xamarin app with Essentials

Рет қаралды 9,849

Gerald Versluis

Күн бұрын

Пікірлер: 38

@solvedplus858 Жыл бұрын

many thanks for your awesome tutorial

@jfversluis Жыл бұрын

You’re very welcome!

@danredacted4630 2 жыл бұрын

Solid tutorial! Thanks a lot, def gives a lot of info to work off!

@jfversluis 2 жыл бұрын

Glad it was helpful!

@NipunKalra86 3 жыл бұрын

Thanks Gerald, your video has answered few of my question which I posted on your biometric video.

@jfversluis 3 жыл бұрын

That is great! Let me know if you still need something

@michael89685 3 жыл бұрын

Another great one, Thanks Gerald. 🙏🏾

@jfversluis 3 жыл бұрын

Thanks Ndjibu!

@juanpedromartinezmarin1136 3 жыл бұрын

Nice work once again, I love the videos you made :) Could you please record a new video building azure devops pipeline including publish to the markets?

@lilianesoliman7268 Жыл бұрын

Very Nice, Thank you. I have a question, is it safe to save sensitive data in a static object in a Data Store, so it will be available only temporary while the app is in use and once the user sign out every thing will be erased?

@jfversluis Жыл бұрын

What is the "data store" in this case? Nothing is safe from everything. If you persist it with this SecureStorage and keep it in memory as short as possible I would think you're mostly good!

@lilianesoliman7268 Жыл бұрын

@@jfversluis Thank you for the reply, one more question, is Secure Storage supported by all devices? if not what are the devices don't support SecureStorage

@jfversluis Жыл бұрын

I don’t think there is a list unfortunately. I’d say most devices should support it.

@AhmedTXT 3 жыл бұрын

Nice Bro i want how create dropdown list not picker Please explain any video thanks .......

@jfversluis 3 жыл бұрын

To be honest a dropdown isn't really great for mobile devices if you ask me. I think Telerik and SyncFusion might have something for it, but you might want to reconsider your design :)

@AhmedTXT 3 жыл бұрын

@@jfversluis could you please take any example on videos

@jfversluis 3 жыл бұрын

@@AhmedTXT don’t think anytime soon, sorry!

@ritupednekar6021 2 жыл бұрын

The secure storage for iOS, the keychain data will sync into the iCloud. What will be solution on this if my data should not be sync to iCloud?

@Otonium 2 жыл бұрын

Thank you. Could you do an Android specific short video? 👍

@jfversluis 2 жыл бұрын

You can use this on all platforms :)

@hrishikeshgarud7177 3 жыл бұрын

I am logging user GPS data in text file. Should I use SecureStorage instead of storing GPS points in text file? Because user can change the data in the text file. I know this will be very big string and cause performance issues but anyhow I am reading GPS points from text file at startup so that also slows down the execution.

@jfversluis 3 жыл бұрын

Not sure if this is something that needs to be in secure storage. Or in a text file for that matter :) sounds like a database of sorts would be better

@m4inline 3 жыл бұрын

Securestorage not for long strings. Significant performance issues

@supercutethestar 2 жыл бұрын

Hi Gerald I have a doubt when I kill the app all the information is erased, why is it happening?

@jfversluis 2 жыл бұрын

That shouldn’t happen. Hard to tell why it’s happening without any details

@anastasiap227 3 жыл бұрын

what should I do to see this password in the phone settings in the list of passwords? (IOS)

@jfversluis 3 жыл бұрын

That would be adding it to the password manager. To be honest I have no clue, but that is something very different from this :D

@EdJastre 2 жыл бұрын

Hello, but what happens if I need to store an API key in code like SecureStorage.SetAsync("ApiKey", "KJhkjhkh") and someone decompiles my APK? How can I secure my ApiKey in code? Thanks

@jfversluis 2 жыл бұрын

What do you do to secure it on any .NET application? Anything can be decompiled, this is no exception. You probably want to get it from the backend dynamically somehow. How to do that is dependant on what kind of app your building and what you current authorization flow looks like. You can then still store it in the secure storage. The secure storage is not part of decompiling your app, it's a place on the filesystem that usually has hardware encryption. The person would need physical access to the device and a lot of knowledge to get through that.

@jwj4535 3 жыл бұрын

Storing it in a persistent parameter such as the following one is not secure? Application.Current.Properties["PropertyName"] = TheValue; await Application.Current.SavePropertiesAsync();

@jfversluis 3 жыл бұрын

That is not secure indeed. It will be a plain text file within the app sandbox. People can read it when they can access it

@williamprogramer4168 3 жыл бұрын

⭐⭐⭐⭐⭐

@jfversluis 3 жыл бұрын

Thanks!

@m4inline 3 жыл бұрын

Hmm. IIRC that is not 100% the solution for oauth tokens on ios. If you uninstall the app on ios IIRC the secure cache will not be deleted. A new install will use the old token. You have to detect first launch and clear Secure Storage.

@jfversluis 3 жыл бұрын

Absolutely and oauth tokens expire either way, so you’ll have to add some mechanics to refresh them. Or use this to detect a first launch kzbin.info/www/bejne/Y2OtnZWbpbSSg8U

@m4inline 3 жыл бұрын

@@jfversluis yes i think the issue is on shared devices. Someone uninstall the app. Other user install it later, but refresh token still exists. Sometimes refresh tokens are long lasting. I think apple are crazy preserving app secure storage on uninstall.

@jfversluis 3 жыл бұрын

@@m4inline Ah guess I didn't consider that scenario, thanks! I was surprised to find out indeed that it's preserved over reinstalls

@m4inline 3 жыл бұрын

@@jfversluis in general the world including apple has got authentication and authorisation wrong. Oauth is half baked and badly named and oidc is garbage.