Use an secured intermediary. (i.e. Your app -> App on your server -> End point).
It takes up more resources but it ensures that nobody who has your app can get access to the details, and also allows you to update the login details without the need to force an app update on all your users. Al. On Mar 2, 6:23 pm, Anna PS <annapowellsm...@googlemail.com> wrote: > Hi there > > So I would like to store a username and password for HTTP login in the > Android source (it's an account that is app-wide, rather than per- > user, so I would like to supply it with the app). > > Is this a really bad idea? In other words, should I just assume that > any text in Android source can be decompiled and read once I've > released an app on the Market? > > If yes, would encrypting it help? Or would anyone who decompiled the > app also be able to work out the encryption method? > > Thanks for your advice. > > Anna -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en