Home > iPhone Dev > Simple iPhone Tutorial: Password Management using the keychain by using SFHFKeychainUtils

Simple iPhone Tutorial: Password Management using the keychain by using SFHFKeychainUtils

Keychain is really a pain to use, and I didn’t want to spend the time to figure it all out, so I went looking for a framework that would do the dirty work for me. I found SFHFKeychainUtils and it has been super slick! In this tutorial, I’ll show you how to leverage SFHFKeychainUtils in order to save a username/password to keychain and also retrieve the password given the username. Just follow these simple steps:

1. Get SFHFKeychainUtils

I found it on GitHub at http://github.com/ldandersen/scifihifi-iphone/tree/master/security/ – just get the SFHFKeychainUtils.h and SFHFKeychainUtils.m files and add them to your project.

2. Import it

In the implementation file where you want to save or retrieve the password, be sure you import the SFHF Keychain Utils header file as shown below:

#import “LoginViewController.h”
#import “SFHFKeychainUtils.h”
@implementation LoginViewController

3. Save a Username/Password

xCode SFHFKeychainUtils iPhone Keychain Example





Here you can see how simple it is to add the username/password to the iPhone’s keychain. The storeUsername:andPassword:forServiceName:updateExisting:error method will take care of all the work for us if we give it the correct parameters. I am getting the username and password from two UITextFields in the app called usernameField and passwordField, respectively. The Service Name can be anything you want, as long as you remember it as you’ll need to enter that same string value in order to retrieve the password (see step 4).

4. Retrieve the Password from Keychain

xCode SFHFKeychainUtils iPhone Keychain Example




As you can see, it’s not any more difficult to retrieve the password from keychain using SFHFKeychainUtils. I specified my username “Gorgando” and the same service name we used before “myApp”. The password that corresponds to this username and service name in the keychain will be returned as an NSString.

So don’t be afraid to use the keychain! It is the most secure way to store passwords in an iPhone application. Both plists and the Settings.Bundle are very insecure ways to store passwords because the passwords are stored in plaintext, visible to anyone who accesses them. Let me know if you have any questions – good luck!

About Brad

Brad is a tech professional and hobbiest. He's a husband, father, and a Mormon. Connect with Brad on Google+

  1. Dennis
    September 11th, 2010 at 09:36 | #1

    Thanks for sharing this. Got it working much quicker thanks to your example.

  2. jeongho
    September 24th, 2010 at 08:03 | #2

    Awesome, You are my hero!!

  3. siva
    October 27th, 2010 at 00:12 | #3

    Hi

    There is any secure way to store the username and password to the device other than Keychain there is any other secure way to store ???

    Thanks In advance
    Siva

  4. siva
    October 27th, 2010 at 00:24 | #4

    There is any way to delete the Keychain .i have deleted my application but the keychain is still remains there.
    any solutions for this??

  5. December 20th, 2010 at 19:52 | #5

    If u guys come across any compilation error such as this
    “_kSecAttrAccount”, referenced from:
    _kSecAttrAccount$non_lazy_ptr in SFHFKeychainUtils.o

    Just add Security.framework into your project and voila!

  6. newIOSGuy
    February 2nd, 2011 at 11:55 | #6

    I am trying to test this in a unit test bundle, but keep getting error SFHFKeychainUtilsErrorDomain error -25291. Any pointers is greatly appreciated.

  7. Andrevinsky
    March 17th, 2011 at 07:38 | #7

    Thanks! It rocks!
    How about using [[NSBundle mainBundle] bundleIdentifier] for servicename?

  8. Dave
    April 19th, 2011 at 10:26 | #8

    Does SFHFKeychainUtils encrypt the password before storing in keychain ?

  9. May 4th, 2011 at 00:41 | #9

    Once you have the username and password correctly stored, how do you authenticate the combo and then load the appropriate view (either user’s home page or error page)??

    Thanks!

  10. Anupdas
    May 24th, 2011 at 07:36 | #10

    Thanks for the post, this worked for me in iPhone Simulator but not on the real device. Any Idea?

  11. Anupdas
    May 24th, 2011 at 08:35 | #11

    Sorry for the trouble, this works in both Simulator and iPhone.

    I needed to save username and password securely. Once saved the application will automatically login, and the user need not type username and password every time.

    Saved the username in NSUserDefaults using application name as key. Then the username retrieved from NSUserDefaults was used to fetch the password stored in keychain. There was a typo error in application name.

    Anyone using NSUserDefaults don’t forget to properly initialize and registerDefaults.

    Thanks again for the post.

  12. June 11th, 2011 at 10:43 | #12

    Thanks for posting this! With this tutorial and the associated source code I was able to get passwords stored securely in my iPad app real fast. This code makes using the keychain just as easy as using NSUserDefaults, and is more secure, so why not use the keychain for password storage now.

  13. Sam
    January 24th, 2012 at 04:47 | #13

    Hi could you please help me finding the SFHFKeychainUtils.h &.m for sdk5 or ios 5. I am having hard time using this header as it is built or older version of ios.

    thanks

  14. paul breitner
    March 11th, 2012 at 01:35 | #14

    hi brad
    I would like to retrieve a couple of passwords from my jailbroken iphone4 (ios 5.0.1) backup,
    unfortunately , I can’t read computer language, (I’m a chemistry major). is there a way to present the info. in a non technical manner so I can utilize this program.?

    best regards

    paul b.

  1. December 18th, 2012 at 22:45 | #1