Thank you all for the answers. I was hoping to upload videos to Youtube via a shared account (so I didn't have to ask the users for their own login details on the client-side - I can't just use ACTION_SEND because I need to supply developer tags etc).
It's clearly not a good idea to put the login details in the code, given what you've told me. I'll follow Al's suggestion - thanks very much Al :) On Mar 3, 9:43 am, Al Sutton <a...@funkyandroid.com> wrote: > Use an secured intermediary. (i.e. Your app -> App on your server -> > End point). > > It takes up more resources but it ensures that nobody who has your app > can get access to the details, and also allows you to update the login > details without the need to force an app update on all your users. > > Al. > > On Mar 2, 6:23 pm, Anna PS <annapowellsm...@googlemail.com> wrote: > > > > > Hi there > > > So I would like to store a username and password for HTTP login in the > > Android source (it's an account that is app-wide, rather than per- > > user, so I would like to supply it with the app). > > > Is this a really bad idea? In other words, should I just assume that > > any text in Android source can be decompiled and read once I've > > released an app on the Market? > > > If yes, would encrypting it help? Or would anyone who decompiled the > > app also be able to work out the encryption method? > > > Thanks for your advice. > > > Anna -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en