> Question: how should I implement this? > > 1. Are there e.g. onStartup() and onShutdown() per-application events, > or similar, that I can hook into, to serve up a login dialog and set > the login state in Preferences? If not, then how should I implement > login?
So, your first problem is conceptual. The idea of an "application" isn't as well defined in Android as a desktop OS (deliberately). For instance, it's pretty clear what happens when the user presses the icon on the launcher or home screen - you display the login screen. What if the user receives a call whilst using your app, and it switches to the background? Does the user have to log in again when returning? No, that makes no sense. What if they press home and do something else for, say, 20 minutes - log in again then? Probably not. Could you describe why you want this in a bit more detail? Phones are already protected by key locks, I don't see why you need a separate login system for your app? > 2. Assuming that I save the login state and the user's password > (hashed with a salt) in Preferences, how secure will that be? That's impossible to answer because you did not describe what the login is protecting. Saving a hashed password with a salt isn't really secure because somebody can just decompile the apk to find out what the salt is then brute force the result *if* the phone is rooted. If it is not rooted they'd have to do that first. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en -~----------~----~----~----~------~----~------~--~---
