I have a question regarding security on the device (Android and iOS)
Currently, within the project i am working on, we have the device connect to an FTP site to upload and download files and forms.
To keep costs down (Because we're offering this service for free) there is 1 username and password for each group that signs up. This allows them access to their particular folder within the FTP where they can find all of their stuff relating to their group.
Currently the Username and Password is either hard coded into the synchronization file or contained within the settings file in the DocumentsDirectory. Therefore it would be quite simple for somebody with malicious intent to acquire the username and password and bombard the FTP with rubbish, thus destroying what we've worked on.
What I need to know is whether I can encrypt the Username and Password in the file and how to decrypt the information for sending to the FTP.
I am aware of the crypto. library, however It only allows encryption, so how would I go about decrypting a Username and Password so it can be sent and authorized by the FTP? Also if i encrypt the Username today, will the decryption still read the same tomorrow?