iphone storing password locally and sending it across to a server securely

I am writing an iPhone app which will start with asking the user to register with a login/passwd. These should be :

1. Saved securely loc开发者_开发技巧ally
2. Send securely to a remote web-server

What do I need to achieve the above? Say, for local storage, shall I save them in a file or database? Shall I encrypt it? For sending it over, is HTTPS sufficient?

See this question for storing sensitive data in the iPhone keychain.

Whether you save them in a flat file or a database doesn't really matter security wise. What's important is how you secure the data - in any case you should encrypt the data with an encryption scheme that is strong enough for the type of data you are protecting.

If you only protect trivial things like for instance a high score in a game, then a less strong encryption would probably be good enough. However if you are providing access to more sensitive data, eg. personal information, then you should select a stronger encryption scheme.

Regarding HTTPS then it will only be able to help you out with the transfer of the data across the internet. It will most likely be good enough for you purpose since it is good enough for applications like online banking, etc.