O'Reilly logo

Bulletproof Android™: Practical Advice for Building Secure Apps by Godfrey Nolan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Symmetric Keys

To keep our weather underground API key secure, we’ll need a place to hide it. In Chapter 5 we’ll discover how developers have tried to hide passwords with varying degrees of success, as follows:

1. Ask for the password each time.

2. Save it in cleartext in shared preferences.

3. Save it encrypted in shared preferences using a one-time key.

4. Save it encrypted in the shared preferences using a device-specific key.

5. Hide it in the NDK.

Many of these same techniques apply here, but because we don’t want to cover the same information twice, we won’t go into too much detail until Chapter 5.

There are a number of choices open to you on how you want to encrypt data on an Android phone, and many different cryptographic libraries are ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required