Best option to store username and password in android app

Question

I am developing an Android app where the user needs to sign in to perform operations. But mostly on an android handset, people use \"Keep me signed in\", In

Answer 1

You could use EncryptedSharedPreferences from the Jetpack security library. It works great for key-value type settings.

It wraps SharedPreferences, providing secure encryption/decryption while maintaining the same API as SharedPreferences.

As in their example:

  String masterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC);

  SharedPreferences sharedPreferences = EncryptedSharedPreferences.create(
      "secret_shared_prefs",
      masterKeyAlias,
      context,
      EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
      EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
  );

  // use the shared preferences and editor as you normally would
  SharedPreferences.Editor editor = sharedPreferences.edit();