The keychain services on iOS provide a means to securely store content such as passwords, keys, certificates, etc. Each iOS application has a separate set of keychain items. Beginning with iOS 3.0, it is possible to share keychain items across applications.
In this tip, I will demonstrate a starting point for working with the keychain by storing and retrieving a username and password.
Keychain Demo Application
Before going any further, let me show you the sample application I wrote to test keychain access. The screenshot on the left shows two fields, one each for username and passord, along with a button to initiate the process for writing to the keychain. The figure on the right shows the fields populated upon application startup by retrieving the username and password from the keychain.
Below are the definitions for the textfields and the button:
UITextField *username = [[UITextField alloc] initWithFrame:CGRectMake(40, 30, 240, 30)];
UITextField *password = [[UITextField alloc] initWithFrame:CGRectMake(40, 75, 240, 30)];
UIButton *testButton = [UIButton buttonWithType:UIButtonTypeRoundedRect];
[testButton setFrame:CGRectMake(80, 130, 160, 40)];
[testButton addTarget:self action:@selector(buttonPressed:) forControlEvents: UIControlEventTouchUpInside];
Apple has written an Objective-C wrapper that you can use to simplify working with the keychain, the files in the wrapper are KeychainItemWrapper.h and KeychainItemWrapper.m, both are included in the attached Xcode project.
To use the wrapper, allocate a new KeychainItemWrapper object as shown below:
KeychainItemWrapper *keychain =
[[KeychainItemWrapper alloc] initWithIdentifier:@"TestAppLoginData" accessGroup:nil];
I’ve specified a unique identifier (“TestAppLoginData”) for the username and password pair that I want to store in the keychain. The accessGroup is set to nil as only one application will access the keychain items in this application.
Writing to the Keychain
Once the button is pressed to save the username and password, writing to the keychain is quite straight-forward. For the username, I set an object (the username text) with the key kSecAttrAccount. I follow this by setting another object, this time the password text, with the key kSecValueData.
- (void)buttonPressed:(UIButton *)button
if (button == testButton)
// Store username to keychain
if ([username text])
[keychain setObject:[username text] forKey:(id)kSecAttrAccount];
// Store password to keychain
if ([password text])
[keychain setObject:[password text] forKey:(id)kSecValueData];
Reading from the Keychain
To populate the textfields with stored keychain items at application startup, once the textfields are defined, I read the two key-value pairs:
// Get username from keychain (if it exists)
[username setText:[keychain objectForKey:(id)kSecAttrAccount]];
NSLog(@"username: %@", [username text]);
For the password, I request the key kSecValueData:
// Get password from keychain (if it exists)
[password setText:[keychain objectForKey:(id)kSecValueData]];
NSLog(@"password: %@", [password text]);
For this simple application, at this point we are done, that’s all that is required to write and read items with the keychain.
- Writing and retrieving values from the keychain doesn’t seem to work in the simulator.
- Uninstalling an application will not remove the items from the keychain. If you run the demo application on your device, and uninstall the app, the username and password will remain in the keychain (a firmware reset will, of course, remove the keychain values).
Apple Keychain Resources
Keychain Services Programming Guide
GenericKeychain Example (source code)
Keychain Xcode Project
Download the demo project: – Store Username and Password to Keychain