What’s new in Secure Storage 2.5.0?

Secure Storage 2.5.0 has objectives of making it more secure on Android and making the secure storage accessible with a configurable access level in iOS. It comes with two major features. The features are breaking changes with provision for backward compatibility.

1. Android
The new version provides an additional mechanism to store data in the AndroidKeyStore. AndroidKeyStore provides the ability to protect data using hardware when possible. Only the application that created the data can access it. This provides an extra layer of security to protect the secret data from being hacked and used by other apps. The data is stored using the best available cryptographic technique available for the phone.

This is now the default storage mechanism. It is a breaking change as the data stored by earlier versions will not be available in the new version unless it is converted explicitly.

If developers want to preserve the storage mechanism from the earlier version, it can be done by setting the storage type as follows:

// Set the type of the storage

SecureStorageImplementation.StorageType = StorageTypes.PasswordProtectedFile;

If you choose to assign a custom password for the file, it can be assigned as follows:

// set your password in ProtectedFileImplementation

ProtectedFileImplementation.StoragePassword = "YourPassword";

2. iOS
In 2.5.0, the KeyChainAccessLevel is set to AfterFirstUnlock as default. This will enable apps to update data from the background process such as push notification. You can customize this level to your choice. This level is not compatible with the level from 2.0. So any data that is stored using the previous version, will not be accessible. To maintain backward compatibility, add a line to AppDelegate as follows:

// set DefaultAccessible as follows
SecureStorageImplementation.DefaultAccessible = Security.SecAccessible.Invalid;

Thanks for using Secure Storage Plugin. You can find the plugin and API documentation here:


Published by: Sameer Khandekar

I am a passionate software engineer who loves to work on Azure microservices, REST API, SDKs, and .NET apps using WPF, Xamarin, and MAUI. The work includes highly scalable geo-distributed services and an authentication library with nearly 500 million downloads. I also had fun integrating with hardware using Bluetooth (BLE). More here: https://www.sameer.blog/about/

Categories UncategorizedLeave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s