Page 1 of 1
Database access security iOS
Posted: Thu Feb 21, 2013 9:06 am
by ekek
Hi:
I'm developing an App for iOS that can read and writa data to a database in a server. Everything can be done, but we have a concern about putting the login data inside the code. Does anyone knows a best practice in order to connect to a database without embedding the user and password inside the code?
Thanks
Re: Database access security iOS
Posted: Thu Feb 21, 2013 5:38 pm
by FourthWorld
SSL is the solution most sites use to protect the stream.
Re: Database access security iOS
Posted: Fri Feb 22, 2013 9:25 am
by monte
If they are in the script then password protection on the stack will secure them
Re: Database access security iOS
Posted: Mon Oct 07, 2013 8:17 pm
by ekek
Thanks for your comments!
Re: Database access security iOS
Posted: Tue Oct 08, 2013 11:59 am
by Klaus
Hi ekek,
another way is to store the MD5Digest of the password in a custom property!
Can be compared but that's it
...
## DO this in the message box or wehreever, at least NOT in the stack!
set the cMD5Password of stack "your db stack here" to md5digest("Dabatabes password here...")
...
Then you can later ask the user for a password and compare its md5digest with the stored md5digest:
Code: Select all
...
ask password clear "Enter password for database access:"
put it into tuserPWD
put the cMD5Password of stack "your db stack here" into tStoredMD5
if tStoredMD5 <> md5digest(tUserPWD) then
## wrong password
exit to top
end if
...
Best
Klaus
Re: Database access security iOS
Posted: Tue Oct 08, 2013 3:02 pm
by Adrien Bron
I use SSL for this class of problems.