问题
This is a follow up to this question.
If I'm going to store a user's username and password with Keychain Services, should I simply create my own prompt view with an NSSecureTextField for the password, and then once the user enters their info pass it to a Keychain Services API (I found this one)?
I'm concerned Apple won't like me interacting with a users sensitive data directly like that.
回答1:
this sounds like the appropriate thing to do. The following function calls will do the stuff you need.
SecKeychainAddGenericPassword();
SecKeychainFindGenericPassword();
SecKeychainItemModifyAttributesAndData();
SecKeychainItemCopyContent();
SecKeychainItemFreeContent();
SecKeychainItemDelete();
回答2:
It appears that the only way use a user's password for Apple's Autoingest tool is to handle the password directly in code. I make sure to not hold onto it longer than I need it, and of course I store it with Keychain Services in order to keep it secure.
来源:https://stackoverflow.com/questions/12503708/whats-the-correct-way-to-prompt-a-user-for-their-password