Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Secret cannot be NSUUID -UUIDString #5

Open
leslie-lei opened this issue Feb 3, 2016 · 1 comment
Open

Secret cannot be NSUUID -UUIDString #5

leslie-lei opened this issue Feb 3, 2016 · 1 comment

Comments

@leslie-lei
Copy link

In the README, the instructions on configuring the secret gives the example of using NSUUID -UUIDString in the secret string.

Never store the secret somewhere on your file system or in your user preferences but instead put it somewhere static in your code. Preferably use a salt string in combination with something device specific (such as NSUUID's UUIDString method).

NSUUID -UUIDString generates a random UUID every time the secret is set, there's no way the app can decrypt what it stored in the NSUserDefaults next time it launches with a new UUID in the secret.

I think what you meant is [[[UIDevice currentDevice] identifierForVendor] UUIDString]]?
@bb-git
Copy link

bb-git commented Jul 13, 2017

You can store the UUDID string and hardcode a salt string. This way you will have a key, that will only work on this device. E.g. UUDID + "%zuj63i_L%%w_q(N"

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bb-git @leslie-lei