如何在Android中秘密保存令牌 [英] How to save a token secretly in Android

问题描述

我有一个Android应用程序，用户必须登录才能使用它，当发出请求时(在PHP中)需要令牌，事实是，我需要将令牌保存在Android的共享首选项中，我知道加密的方法，但是如果有人打开应用程序并查看源代码，他们就会知道它是如何加密的.

I have an Android app where users have to login to use it, when a request is made (in PHP) a token is needed, the thing is, I need to save the token in Android's shared preferences, I know there are ways to encrypt it, but if someone would go to open the app and see the source code, the would know how it was encrypted.

如何安全保存令牌?

谢谢.

推荐答案

Android密钥库是存储敏感信息(例如令牌，密码等)的首选方法.

Android Keystore is a preferred way of storing sensitive information, namely token, password, etc.

但是，如果您只想将其存储在SharedPrefs中，则可以使用现有库之一.您可以检查 SecureStorage 库并尝试一下.

However, in case you want to simply store it in SharedPrefs, using one of the existing libraries would come in handy. You can check SecureStorage library and give it a try.

这篇关于如何在Android中秘密保存令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！