Is there an equivalent to iOS's Keychain on Android?
My understanding of the Preferences API is that it is not encrypted. For my application it doesn't matter whether these credentials are persisted across devices (i.e. a different use-case to iPhone-like Keychain in Android?)
I also looked at the KeyStore API but it seems to leave the actual storage of user credentials up to the application developer.
Other interesting Android alternatives to Keychain Access are LastPass, 1Password, Keepass2Android and KeePassDroid.
android.security.KeyChain. The KeyChain class provides access to private keys and their corresponding certificate chains in credential storage. Applications accessing the KeyChain normally go through these steps: Receive a callback from an X509KeyManager that a private key is requested.
Samsung Pass is a secure and easy way to use your biometrics to sign in to websites and apps on your phone. Once you scan your fingerprints, you can sign in without typing in your ID and password. With Samsung Pass, there's no need to memorize all those IDs and passwords for all your accounts.
As far as I can tell, Chrome uses the keychain automatically: Google Chrome can save your usernames and passwords for different websites. The browser can then automatically complete the sign-in fields for you when you next visit these websites.
Short answer, there isn't one. But you can expect the filesystem to be secure.
Each app operates under a different user, and the filesystem used to store app data is secured by normal UNIX user permissions. So each app's file access is sandboxed by default. The filesystem also may be encrypted.
This page from the developer's site explains it better: http://developer.android.com/guide/topics/security/security.html
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With