Android where to store credential info like url, username, passcodes?

I have an app which will connect to se开发者_如何学编程rver and provide some basic connection credential information like server url, userer, application id etc What is the best option for storing this information within the android app? Should it be a preference? not sure where to store these items. I should clarify this question a bit. There are different levels of security requirements, so I am interested in hearing about how to encrypt the password etc, but there are also items which are generally not encrypted like connection urls etc, so I am also interested in how to store such information as well. I am basically looking for a better solution

You can programatically CRUD SharedPreferences to store this information. PreferenceManager.getDefaultSharedPreferences is one way to access them. Read this guide to get started: http://developer.android.com/guide/topics/data/data-storage.html#pref

Android will prevent other applications from accessing whatever you store in SharedPreferences or a SQLite database. In either way, you are still storing information in the clear. If an attacker gains root access, they can read that information.

Update - I couldn't find this earlier, but here is some sound advice from Reto Meier: What is the most appropriate way to store user settings in Android application

You want to use an HTTPClient and store these values in session cookies (handed out by the server).

These cookies are automatically managed by the HTTPClient whenever you make a request until the cookies expire.

DO NOT DO NOT DO NOT store this information in a local database or in Preferences. Anyone that plugs that phone into their computer can browse the database extremely easily if they are so inclined.

I think preferences is the best. Storing in SQLite database might not be secure. Databases can be pulled out and accessed(also using SQLite Editor apps), but preferences cannot be accessed by any other applciation.