Closed PeterStaev closed 6 years ago
Good point. The drawback of kSecAttrAccessibleWhenUnlockedThisDeviceOnly
seems to be that the app needs to be in the foreground. That may break certain apps.
Also, the current setting (kSecAttrAccessibleAlwaysThisDeviceOnly
) prevents data migration from one device to the other (when you buy a new iPhone). That may be undesirable as well.
Making it configurable with all six-ish options iOS offers would be best, but for backward compatibility sake the current setting should be the default.
Any thoughts on how to apply this more secure kSecAttrAccessibleWhenUnlockedThisDeviceOnly
for iOS devices only without breaking apps that also run on Android?
@SonofNun15 , that's easy. When you initialize the SecureStorage
you check and you send the parameter only if iOS. Something like this:
const ss = new SecureStorage(isIOS ? kSecAttrAccessibleWhenUnlockedThisDeviceOnly : undefined)
Thanks! I didn't know isIOS
was a thing, still pretty new to NativeScript development. Appreciate the insight!
From what I see from the code you use the default
kSecAttrAccessibleAlwaysThisDeviceOnly
. This is really not that secure since the data could be accessed even if the phone is restarted and/or locked. I think it is best to usekSecAttrAccessibleWhenUnlockedThisDeviceOnly
. Or may be provide a way to customize the setting?