Good Afternoon Guys and Girls,
Hopefully this will be a quick and easy question.
I am building an App that requires the user to input their login details for an online service that it links to. Multiple login details can be added and saved as the user may have several accounts that they would like to switch between.
These details will be stored in an SQLite database and will contain their passwords. Now the questions are:
1: Should these passwords be encrypted in the database? My instinct would say yes but then I do not know how secure the device and system is and if this is necessary.
2: If they should be encrypted what should I use? I think encrypting the whole database file sounds a bit over-kill so should I just encrypt the password before saving it to the database? If this is case what could I use to achieve this? I have found reference to a "crypt(3)" but am having trouble finding much about it or how to implement it.
I eagerly await your replies!
EDIT: As you will see from the chosen answer and comments KeyChain is what I went with. Any one interested in using it there is some useful source code here:
http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code