Which statement best describes how the iOS Keychain stores data?
Think about where sensitive data like passwords should be kept on iOS devices.
The Keychain encrypts data and stores it in a protected area of the device. Only the app or authorized apps can access it, ensuring security.
Given the following Swift code snippet, which option correctly adds a password string to the Keychain?
let password = "mypassword123" let account = "user@example.com" let service = "com.example.app"
Remember the password must be converted to Data using UTF-8 encoding before storing.
Keychain expects the password as Data type encoded in UTF-8. The keys must be cast to String and the dictionary passed as CFDictionary.
Consider an app that stores a password in Keychain with kSecAttrAccessibleAfterFirstUnlock. When can the app access this data?
Think about the meaning of AfterFirstUnlock accessibility option.
The kSecAttrAccessibleAfterFirstUnlock option allows access after the device has been unlocked once after reboot, even if it is locked later.
Given this Swift code to retrieve a password from Keychain, why does it fail to find the stored password?
let query: [String: Any] = [kSecClass as String: kSecClassGenericPassword, kSecAttrAccount as String: "user@example.com", kSecReturnData as String: true] var item: CFTypeRef? let status = SecItemCopyMatching(query as CFDictionary, &item)
Think about what keys were used when storing the password.
If the stored item included kSecAttrService, the query must include it to find the exact match.
Why should developers prefer Keychain instead of UserDefaults to store passwords or tokens?
Consider the security and privacy differences between the two storage methods.
Keychain encrypts and protects sensitive data using device security features. UserDefaults stores data in plain text and is not secure for sensitive info.