My program has the user create a passcode which is used to gain access to the program’s data. During the creation process the program flow is as follows:
- ask the user to enter a passcode
- ask the user to re-enter the passcode
- if the passcodes match proceed, else go to step 1 and start the process over
In order to compare the two entered passcodes I store the passcode temporarily in an instance variable. Could this be a potential security hole? If so, why is this a problem and what would be your solution? Maybe store a hashed version of it? Thanks!
I think your approach is fine (storing the password in an iVar).
Maybe you need to define “security hole” for yourself. Of course, it would then be possible for an attacker to read the stored memory from a stolen iPhone and reconstruct the password.
But is the data that sensitive?
You could improve your security concept by overwriting your memory with null bytes (same length as the entered password), deleting all references in memory to your plaintext password, and just keeping a SHA256 of the entered password.
Also make sure to null-bytes-overwrite and delete when receiving a UIApplicationDidEnterBackgroundNotification.
But I don’t think it’s worth doing that.
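
The approach from the answer above (keep only a SHA-256 in the iVar, zero the plaintext bytes, wipe on UIApplicationDidEnterBackgroundNotification), written out in Objective-C as an added example that is not part of the original thread. `PasscodeConfirmer` and its method names are hypothetical, and ARC and CommonCrypto are assumed. The immutable NSString coming from the text field cannot be zeroed through public API, so only the working byte buffer is wiped here.

```objective-c
#define __STDC_WANT_LIB_EXT1__ 1            // exposes memset_s in <string.h>
#include <string.h>
#import <UIKit/UIKit.h>
#import <CommonCrypto/CommonDigest.h>

// Hypothetical helper for the enter / re-enter flow (not from the thread).
@interface PasscodeConfirmer : NSObject
- (void)rememberFirstEntry:(NSString *)passcode;
- (BOOL)matchesSecondEntry:(NSString *)passcode;
@end

@implementation PasscodeConfirmer {
    uint8_t _firstDigest[CC_SHA256_DIGEST_LENGTH];  // only the hash is kept
    BOOL _hasDigest;
}
- (instancetype)init {
    if ((self = [super init])) {
        [[NSNotificationCenter defaultCenter] addObserver:self selector:@selector(wipe:)
            name:UIApplicationDidEnterBackgroundNotification object:nil];
    }
    return self;
}
- (void)dealloc { [[NSNotificationCenter defaultCenter] removeObserver:self]; [self wipe:nil]; }
// Copy the UTF-8 bytes into a buffer we own, hash them, then zero the buffer.
- (void)digestOf:(NSString *)passcode into:(uint8_t *)out {
    NSUInteger cap = [passcode maximumLengthOfBytesUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *buf = [NSMutableData dataWithLength:cap];
    NSUInteger used = 0;
    [passcode getBytes:buf.mutableBytes maxLength:cap usedLength:&used
              encoding:NSUTF8StringEncoding options:0
                 range:NSMakeRange(0, passcode.length) remainingRange:NULL];
    CC_SHA256(buf.mutableBytes, (CC_LONG)used, out);
    if (cap) memset_s(buf.mutableBytes, cap, 0, cap);  // not optimized away like memset
}
- (void)rememberFirstEntry:(NSString *)passcode {
    [self digestOf:passcode into:_firstDigest];
    _hasDigest = YES;
}
- (BOOL)matchesSecondEntry:(NSString *)passcode {
    uint8_t second[CC_SHA256_DIGEST_LENGTH], diff = 0;
    [self digestOf:passcode into:second];
    for (size_t i = 0; i < sizeof second; i++) diff |= _firstDigest[i] ^ second[i];
    BOOL ok = _hasDigest && diff == 0;      // NO if wiped or never set
    memset_s(second, sizeof second, 0, sizeof second);
    [self wipe:nil];                        // nothing is kept once the comparison is done
    return ok;
}
- (void)wipe:(NSNotification *)note {       // also runs when the app is backgrounded
    memset_s(_firstDigest, sizeof _firstDigest, 0, sizeof _firstDigest);
    _hasDigest = NO;
}
@end
```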