Difference Between Keychain and Nsuserdefault

Difference between Keychain and NSUserDefault?

A keychain is an encrypted container that holds passwords for multiple applications and secure services. Apple Inc. uses keychains as password management system in Mac OS and iOS.

NSUserDefaults Provides a way for application behavior customization based on user preferences. Belongs to the Foundation framework for Cocoa and Cocoa Touch.

I got this from Tag Information of NSUserdefaults and keychain

NSUserDefaults or keychain is better to save username and password in iPhone app

NSUserDefaults is quite easy to use and stores one value per key only. But apparently, it is not a very secure method, as there is no encryption.

But the Keychain is secure, though it is a bit hard to code.
You can refer these link to use keychain access.

http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code

you can also use this library deviced by Simon

https://github.com/goosoftware/GSKeychain

I hope it helps you!!

NSUserDefaults and Keychain

When you use PDKeychainBindingsController, you should call [PDKeychainBindings sharedKeychainBindings] and then set/get all string to/from the keychain. The PDKeychainBindingsController will call keychain API(which is C, hard to use) for you.
That means actually all [[PDKeychainBindings sharedKeychainBindings] setObject:... forKey...] will be kept in keychain. Don't worry to use it!

Storing authentication tokens on iOS - NSUserDefaults vs Keychain?

I would highly recommend you use the keychain - it's exactly what Facebook do for storing their session tokens.

NSUserDefaults is not secure or encrypted - it can be easily opened and read, both on device and when synced to a Mac. So whilst user defaults is a good place for things like preferences and config info, it's not a good place for anything sensitive, like passwords.

Session tokens should almost always treated the same as passwords, so you should store them securely in the keychain, where they'll be encrypted. Apple have some sample code (GenericKeychain) that shows a basic implementation, and you'll find other examples by searching StackOverflow. Hope that's helped you out.

Keychain or NSUserDefaults? Which one to use?

You should use NSURLCredential, it will save username and password in the keychain in just two lines of code.

This is detailed answer

Can the keychain be used like a NSUserDefaults on steroids for storing NSData?

I don't think there is any limit and you definitely can store NSData, however performance will not be very good. Quoting Apple's documentation:

The keychain is intended for storing small amounts of sensitive data that are specific to your app. It is not intended as a general-purpose mechanism for encrypting and storing data.

I wouldn't store more than 1KB or so in a keychain entry, and you should also avoid having a lot of keychain entries.

If you need to encrypt a large amount of data, you should generate a random AES-256 key and store the key in keychain, then encrypt your large data using AES. Look up RNCryptor on keychain for a good library to implement this properly and ask any specific encryption questions at security.stackexchange.com.

I also wouldn't store large amounts of data in NSUserDefaults. It also is not intended to be used that way. Data should be stored in a file in one of the relevant directories defined under NSSearchPathDirectory, or else in iCloud.

It's a matter of performance. All of the code for working with both keychain and user defaults is based on the assumption only a small amount of data will be there. It's very fast for small amounts of data, but larger amounts will wast memory and cpu cycles/battery power. And in the case of keychain, you are also wasting the user's LTE bandwidth, since every change will be sent over the internet to every device they own.

I don't think Apple's app review team actively enforces this stuff, but it would technically violate the rules to use the API for anything other than it's intended purpose.

Difference Between Keychain and Nsuserdefault