Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Preventing Facebook Android SDK from displaying password as plain text

Tags:

android

passwords

facebook

password-protection

facebook-android-sdk

I have an Android app using the Facebook Android SDK and will be deployed publicly.

My problem is that whenever a user makes a mistake logging in with a wrong password, the Facebook SDK will change the password field to plain text, which is obviously not going to be acceptable in a public environment.

Is there a way to suppress this behavior?

like image 779
Ron Avatar asked Jan 17 '13 08:01

Ron

2 Answers

The Facebook SDK login dialog validating flow is managed from the server side of facebook. And as we do not have any control at our side for login validation.

The Facebook SDK provides a LoginButton view that is a custom view implementation of a Button. You can use this button in your app to implement Facebook Login. The LoginButton class maintains the session state, which allows it to display the correct text in the button based on the user's authenticated state. Adding LoginButton to your activity's layout is a quick way to implement Facebook Login.

Along with the login button, you may want to control other user interface (UI) components based on whether the user is authenticated or not. The Facebook SDK includes two classes: UiLifecycleHelper and Session.StatusCallback, to handle much of the complexity around managing session state changes. The activity or fragment where you show authenticated functionality can create an instance of the UiLifecycleHelper class and pass in a Session.StatusCallback listener that is notified of any session state changes. Your activity or fragment must call UiLifecycleHelper public methods that mirror an activity's or fragment's lifecycle methods. These methods are used in creating, opening, saving, and restoring an active Facebook session. The Session.StatusCallback listener implementation can override the call() method to respond to session state changes and update the UI accordingly.

So LoginButton controls the login button functionality and you can add custom code triggered off the call() method to control other UI components.

like image 66
GrIsHu Avatar answered Nov 17 '22 20:11

GrIsHu

No, the login dialog is rendered from Facebook's side and the mobile login dialog always shows the password in plain text on the second try - there should be a note to that effect visible in the dialog when it reloads

like image 24
Igy Avatar answered Nov 17 '22 19:11

Igy
Sign in to Comment

Related questions

ListViews with multiple item layouts
Android Delayed Notification
Develop Alarm Application
Android timer that works when device is sleeping
How do I handle screen orientation changes when a dialog is open?
Registering a ContentObserver in a Android Service
Android Playing Movie Files In A Live Wallpaper
Special characters in Android sms
Why android webview is much slower than the native android browser?
How to convert the WAV/OGG file to FLAC file in Android?
Is it possible to extend Facebook tokens with extendAccessTokenIfNeeded in an Android app?
how to measure and improve battery use in iPhone/iPad game (Android also)
Android library not pulling its resources through to other projects
Android: Save an instance state when app is closed [duplicate]
Android USB Host API: bulk transfer buffer size
Test run failed: Test run failed to complete. Expected 1 tests, received 0
Stream and Play audio from android application to any available Speaker like A2DP,Car speakers etc
Android ListView with fast scroll and alphabetical section index
Start service after force stop
scrolling in listview with different cell height

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!