iPhone keyboard security,

I would like to disable auto text capture by OS, if you type in UITextField/UITextView OS capture this text ( If not found in it's dictionary ) in your application, it will be stored as plain text in dynamic-text.dat file in /root/Library/Keyboard

Now if you open and read this file, you can easily read what you typed in your application.

开发者_运维知识库My requirement is, how can i disable this feature so that within my application, OS does not capture typed in text into this file?

You can check this out even on iPhone Simualtor

In the simulator, if I had a UITextField set to Secure (with autocomplete set to off though that should be the default) I never saw any text I typed there in the ~/Library/Application Support/iPhone Simulator/User/Library/Keyboard/dynamic-text.dat, though a UITextField set to autocomplete did have text end up in there.

If I turned off autocorrection on the field that was capturing before, I saw no more entries that I typed show up in that file.

I tried this both on the simulator, and also on the device - on the device I ran my same test application with a secure and unsecured text field (where I alternately turned on and off autocorrection), and then used SpyPhone to examine the keyboard cache. Again in all cases where the text field was marked as secure or had autocorrection turned off, I did not see anything I typed show up in the keyboard cache where I did if I typed it into a text field with auto-correction enabled - just to be clear even explicitly turning on autocorrection in an IB defined text field did not record anything if the field was also marked as secure (and I'm also not sure it tried to autocorrect).

Now I did note, that if I tried a UITextView instead of a UITextField, in that case even turning off autocorrection did not stop the text from being recorded. That seems like an oversight rather than a design choice. A workaround would be to use a UITextField, but that's not always possible... I'd file a Radar on that with Apple.

I can also verify that no common passwords I use (in Safari or applications) showed up in SpyPhone, so they are not in the cache. But pretty much any app collecting passwords uses a UITextField to do so.

I don't know much about iPhone programming but... if you can disable the autocorrection, that would surely keep it from going into the user words database.

If disabling auto correction doesn't work, I don't believe this is possible with the built in keyboard. The only solution seems to be to create your own keyboard implementation, which others have done for various reasons.