如何将Touch ID与登录凭据相关联? [英] How to link Touch ID with login credentials?
问题描述
我能够成功验证用户的Touch ID。但是,一旦触摸ID身份验证成功,检索用户登录名和密码以执行登录的最安全方法是什么。
I'm able to validate a user Touch ID successfully. However, what's the safest way to retrieve the user login and password to perform login once the touch ID authentication is successful.
对于iTunes连接应用程序,一旦触摸ID登录为成功,似乎它将在本地检索密码并将其填入密码UITextField。我猜它正在使用钥匙串。
For iTunes connect app, once the touch ID login is successful, seems like it will retrieve the password locally and fill it in the password UITextField. I'm guessing it's using keychain.
但是,将用户凭据存储在iPhone本身是否安全?还有其他方法吗?
However is it safe to store user credentials on the iPhone itself? Are there any other methods?
推荐答案
您希望将登录信息存储在钥匙串中,但您需要确保将辅助功能参数设置为kSecAttrAccessibleWhenUnlocked或kSecAttrAccessibleWhenUnlockedThisDeviceOnly(kSecAttrAccessibleWhenUnlockedThisDeviceOnly更安全一点,因为密码不会离开设备,比如当设备备份到你的笔记本电脑时。)
You want to store the login information in the keychain, but you need to make sure that the accessibility parameter is set to kSecAttrAccessibleWhenUnlocked or kSecAttrAccessibleWhenUnlockedThisDeviceOnly (kSecAttrAccessibleWhenUnlockedThisDeviceOnly is a bit safer since the password will not leave the device, say when the device is backed up to your laptop.)
NSMutableDictionary *query = [NSMutableDictionary dictionary];
[query setObject:(id)kSecClassGenericPassword forKey:(id)kSecClass];
[query setObject:account forKey:(id)kSecAttrAccount];
[query setObject:(id)kSecAttrAccessibleWhenUnlocked forKey:(id)kSecAttrAccessible];
[query setObject:[inputString dataUsingEncoding:NSUTF8StringEncoding] forKey:(id)kSecValueData];
OSStatus error = SecItemAdd((CFDictionaryRef)query, NULL);
这篇关于如何将Touch ID与登录凭据相关联?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
