如何在iPhone应用程序中实现密码恢复? [英] How can I implement password recovery in an iPhone app?
问题描述
我想在我正在使用的iPhone应用程序中添加简单的密码保护.我可能会使用crypt()将密码以CoreData/sqlite格式存储在数据库中.
I would like to add simple password protection in an iPhone App that I am working on. I will probably use crypt() to store the password in my database which in in CoreData / sqlite format.
我认为我对如何创建和存储密码有很好的了解,但是如果用户忘记了密码,我想添加密码恢复功能
I think I have a pretty good understanding of how to create and store the password, but in case the user forgets their password, I would like to add a password recovery ability
这是我在iOS中苦苦挣扎的部分.我希望所有内容都在本地,所以我想不出一种使用链接重设密码的方法.
This is the part that I'm struggling with in iOS. I want everything to be local, so I can't think of a way to use a link to reset a password.
我曾考虑过通过电子邮件发送密码,但是在iOS中,如果没有手持设备的人看到电子邮件的内容,就无法发送电子邮件.
I had thought about emailing the password, but in iOS there is no way to send emails without the person holding the device seeing the contents of the email.
我能想到的唯一方法是拥有一个或两个备份密码",这基本上是对用户选择问题的答案(或者甚至可以将提醒问题与密码一起存储).
The only way that I can think of is to have one or two "backup passwords" which is basically the answer to a question of the user's choice (or maybe even just storing a reminder question along with the password).
尽管在我的应用程序中受保护的数据不是那么关键,但这两个都不是那么安全,所以我并不是在寻找最可靠的解决方案(只是一个不太难实现的体面解决方案,也不是给用户带来不便,对于黑客来说也不难).
Neither of these are really that secure, although the data being protected in my app is not that critical, so I'm not looking for the most robust solution (just a decent solution that is not too hard to implement, not too inconvenient for the user, and not too hard for a hacker to break).
建议深表感谢.
谢谢, 罗恩
推荐答案
您可以使用最初创建帐户时设置的条件(例如,母亲的姓氏, last-4等.通过这种方式,您无需担心解密密码或将密码发送给用户的麻烦.一旦他们正确回答了足够的安全性问题,就会提示他们重设密码.您可以将这些数据存储在本地加密.您将无需向用户发送密码.
Instead of recovering a password, you can prompt to reset a password using criteria that is set up when they initially create their account -- such as mothers maiden name, last-4, etc. This way, you don't need to worry about decrypting a password or sending it to the user. Once they answer enough security questions correctly, they are prompted to reset their password. You can store this data encrypted locally. You'll never need to send a password to the user.
这篇关于如何在iPhone应用程序中实现密码恢复?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
