NativePhp Mobile - How safe are user credentials within sqlite?

[iamjrock]

Love NativePhp, close to buying a mobile license, total newbie at sqlite in mobile apps, not sure if NativePhp's implementation of sqlite is the same as how other apps would implement.

How safe is the data in the sqlite db, including the user's credentials in the laravel users table?

I assume that the sqlite db is isolated from the OS or other apps?

Perhaps a jailbroken device or device backups might make the sqlite data accessible?

[iamjrock]

Love NativePhp, close to buying a mobile license, total newbie at sqlite in mobile apps, not sure if NativePhp's implementation of sqlite is the same as how other apps would implement.

How safe is the data in the sqlite db, including the user's credentials in the laravel users table?

I assume that the sqlite db is isolated from the OS or other apps?

Perhaps a jailbroken device or device backups might make the sqlite data accessible?

Hi NativePhp Team,

Apologies for my newbie question - it would be really terrific if someone could give me a steer.

Thx again for a great product.

[nilskretschmer]

You should never store user credentials unencrypted. Use something like SecureStorage instead:
https://nativephp.com/docs/mobile/1/apis/secure-storage

It depends on your app what you store in the database or even in plain files and you as a developer decide which data should be encrypted before storing it. You can also store encrypted content in the SQLite DB. The docs show how you could do that:
https://nativephp.com/docs/mobile/1/concepts/security

So the idea is to generate an encryption key and store that key in SecureStorage - then you can use that key to encrypt/decrypt content of the local DB.