Are account names (kSecAttrAccount) encrypted in iOS keychain?

Question

Are account names (kSecAttrAccount) encrypted in iOS keychain?

The Apple GenericKeychain example stores the username and password in the iOS keychain. To do this, use kSecAttrAccount for the username and kSecValueData for the password.

Are all data items encrypted in the keychain, therefore including kSecAttrAccount / username in this example?

I ask because I do not want account names to be displayed.

+7

ios keychain keychainitemwrapper

meaning-matters May 19, '13 at 20:01

source share

1 answer

schmubob · Answer 1 · 2013-07-10T15:50:54+0000

If you use kSecAttr for the username, it will be encrypted.

The attributes associated with the keychain element depend on the element class; the classes of objects most used by applications ... are Internet passwords and shared passwords. As you would expect, Internet passwords include attributes for objects such as a security domain, protocol type, and path. Passwords or other secrets stored as keychain elements are encrypted.

(see "Keychain Structure" )

As you use kSecAttrAccount , which can only be used with the kSecClassInternetPassword and kSecClassGenericPassword (see @kSecAttrAccount Keyword Reference ), the account name will be encrypted.

Are account names (kSecAttrAccount) encrypted in iOS keychain?

More articles: