how about to use secure storage to store the user username and password in flutter-CodePudding

I am using flutter to write an app, now I want to use secure storage to store the username/passowrd like this:

SecureStorageUtil.putString("password", password);

is it a good practice? Or never store the user password in the client app? I already searching from Google but no one talk about it. And this is the SecureStorageUtil:

import 'package:flutter_secure_storage/flutter_secure_storage.dart';

class SecureStorageUtil{

  static FlutterSecureStorage _preferences = FlutterSecureStorage();

  static Future<String?> getString (String key, {String defValue = ''}) {
    return _preferences.read(key:key) ;
  }

  static Future<void> putString(String key, String value) {
    return _preferences.write(key:key, value:value);
  }

  static Future<void> delString(String key) {
    return _preferences.delete(key:key);
  }
}

CodePudding user response：

As the docs say

Keychain is used for iOS

AES encryption is used for Android. AES secret key is encrypted with RSA and RSA key is stored in KeyStore

Keystore is managed by the system, and the will be secure. You may use this if saving the password is important. However, its always recommended not to store passwords on the client-side, instead, save some Auth keys like JWT token, etc. to authenticate users.

CodePudding user response：

There is a package named SharePreferences that will allow you to store anything on both platforms ios and android and it did not have any kind of issue. I recommend that package. I hope that will work. And the second thing is storing password. If the user have an option in the app like Remember Me then it is useful to store the username and the password.