What rules to use on Firebase-RealtimeDatabase to let users register and login?

Question

In order to let Android users register and login through my app I have set the .read and .write as true<

Answer 1

Using the following rules:

{
  "rules": {
      ".read": "auth != null",
      ".write": "auth != null"
  }
}

You'll give read and write access only to authenticated users. For more information, please see the official documentation regarding Firebase security rules.

According to your comment, you should then verify if the user that performs an operation is actually the authenticated user. So for example, let's say you want only authenticated users to able to access their accounts, the following rules are required:

{
  "rules": {
    "users": {
      "$uid":{
        ".read": "$uid === auth.uid",
        ".write": "$uid === auth.uid"
      }
    }
  }
}