Chapter 3: Authentication

Providing a secure login mechanism for your mobile users is harder than on the Web. The trend with mobile devices is to make things as easy as possible for the user. Mobile keyboards are small, so it’s unlikely that someone is going to enter more than six characters to log in to an app. But if you make it too easy to log in to your app, you run the risk of unauthorized users bypassing your authentication and gaining access to sensitive data. In Chapter 3 we’ll look at how some of the authentication mechanisms in our audits have failed, and we’ll also look at the mechanisms developers have been using to log in to mobile apps that have been a lot more effective.

Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.