Security considerations

Remember that when you build the app into a package for distribution with Xcode, string resources for the app are in clear text.

The Settings bundle file Root.plist and the file Localizable.strings, where string resources for the app are stored, are placed into the app package in clear text form.

These files have no encryption of any kind.

Note:
  • Never store sensitive information such as user names, passwords, credential or session tokens, or Spotfire Business Author URLs for your enterprise in these files.
  • Do not refer to them there using the string:, resource: or setting: keywords found in the file MyConfiguration.plist.

It is safe to store Spotfire Business Author URLs for your enterprise in the file MyConfiguration.plist because this file is not distributed in your compiled app package. Instead, this file is processed during the app build process, and the code produced is compiled into the binary app in your app package.

Note: Do not store user names, passwords, or credential or session tokens in MyConfiguration.plist.