One of the simplest ways to improve security for your app data is to make use of the file data protection APIs.
The iOS Security doc is an important document which also talks about other aspects of iOS security. File data protection is simple to understand though.
There are a few options:
- NSFileProtectionComplete — file is only accessible when device is unlocked
- NSFileProtectionCompleteUnlessOpen — file is accessible while the device is unlocked and will remain unlocked while it's open. This is useful if you want to read/write to it while running in a background task
- NSFileProtectionCompleteUntilFirstUserAuthentication — file is accessible once the device is unlocked and until it is rebooted
- NSFileProtectionNone - file is not encrypted
To set them on a per-file basis:
// The value for .protectionKey is a FileProtectionType; setAttributes throws, so call it with try
try FileManager.default.setAttributes([.protectionKey: FileProtectionType.complete], ofItemAtPath: filePath)
If you want to set a default protection class for every file your app creates, you can specify the com.apple.developer.default-data-protection entitlement in Xcode.
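Whether the class is set per file or through the entitlement default, it is worth checking what each file on disk actually ended up with. The following is an added example, not code from the original post: it walks a directory, reports regular files whose protection class is weaker than a chosen minimum, and can raise them to that minimum. The names auditProtection, runDemo, strength and the demo folder and file names are assumptions made for illustration.

```swift
import Foundation

// Added example. Function, folder and file names are illustrative, not from the post.

// Protection classes ordered weakest (0) to strongest (3).
let strength: [FileProtectionType: Int] = [
    FileProtectionType.none: 0,
    FileProtectionType.completeUntilFirstUserAuthentication: 1,
    FileProtectionType.completeUnlessOpen: 2,
    FileProtectionType.complete: 3,
]

/// Returns regular files under `root` whose protection class is weaker than
/// `minimum`, or missing. With `fix: true` it also raises them to `minimum`.
func auditProtection(under root: URL, minimum: FileProtectionType,
                     fix: Bool = false) throws -> [(path: String, found: FileProtectionType?)] {
    let fm = FileManager.default
    var findings: [(path: String, found: FileProtectionType?)] = []
    for relative in try fm.subpathsOfDirectory(atPath: root.path) {
        let path = root.appendingPathComponent(relative).path
        let attrs = try fm.attributesOfItem(atPath: path)
        guard (attrs[.type] as? FileAttributeType) == FileAttributeType.typeRegular else { continue }
        let found = attrs[.protectionKey] as? FileProtectionType
        let level = found.flatMap { strength[$0] } ?? -1   // no attribute counts as weakest
        guard level < (strength[minimum] ?? 0) else { continue }
        findings.append((path: path, found: found))
        if fix {
            try fm.setAttributes([.protectionKey: minimum], ofItemAtPath: path)
        }
    }
    return findings
}

/// Constructed demo: one file written with complete protection, one with none.
func runDemo() throws {
    let fm = FileManager.default
    let root = fm.temporaryDirectory.appendingPathComponent("protection-audit-demo")
    try fm.createDirectory(at: root, withIntermediateDirectories: true)
    let sample = Data("constructed sample data".utf8)
    try sample.write(to: root.appendingPathComponent("token.dat"), options: .completeFileProtection)
    try sample.write(to: root.appendingPathComponent("cache.dat"), options: .noFileProtection)

    for finding in try auditProtection(under: root, minimum: .complete, fix: true) {
        print("below .complete:", finding.path, finding.found?.rawValue ?? "no attribute")
    }
}
```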
File protection is easy to implement, and hardware-optimized. You should use it.