A developer wants to ensure that user login details are not exposed to unauthorized access on a mobile device. Which measure aligns most closely with the requirements from this standard?
Enabling convenient developer access to stored credentials during debugging
Encoding user credentials in base64 for storage in the app’s preferences
Relying on the device’s built-in encryption capabilities while using a recognized key management library
Hardening the app by renaming sensitive variables without encrypting them
Using robust encryption and key management helps protect stored user credentials. This approach relies on tested libraries to prevent simplistic errors and ensures that critical data remains secure if an attacker gains file-level access. Other approaches rely on weak encoding, unclear obfuscation, or practices that reveal credentials during testing, which do not adequately protect sensitive data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is key management in encryption?
Open an interactive chat with Bash
Why is base64 encoding considered insecure for storing credentials?
Open an interactive chat with Bash
What is the role of built-in encryption in mobile devices?