Secret cannot be `NSUUID -UUIDString`

Question

Secret cannot be `NSUUID -UUIDString`

Opened this issue 8 years ago · 1 comments

In the README, the instructions on configuring the secret gives the example of using NSUUID -UUIDString in the secret string.

Never store the secret somewhere on your file system or in your user preferences but instead put it somewhere static in your code. Preferably use a salt string in combination with something device specific (such as NSUUID's UUIDString method).

NSUUID -UUIDString generates a random UUID every time the secret is set, there's no way the app can decrypt what it stored in the NSUserDefaults next time it launches with a new UUID in the secret.

I think what you meant is [[[UIDevice currentDevice] identifierForVendor] UUIDString]]?

Answer 1 · 2017-07-13T09:03:37.000Z

You can store the UUDID string and hardcode a salt string. This way you will have a key, that will only work on this device. E.g. UUDID + "%zuj63i_L%%w_q(N"