Question 1

How to set up biometric authentication with flutter_secure_storage?

Accepted Answer

Use AndroidOptions.biometric() for Android with enforceBiometrics parameter, or AppleOptions with accessControlFlags for iOS/macOS. Add necessary permissions like USE_BIOMETRIC in AndroidManifest.xml, and configure prompt titles as shown in the README examples.

Question 2

flutter_secure_storage vs shared preferences: which is better for tokens?

Accepted Answer

flutter_secure_storage is superior for sensitive data like tokens because it encrypts data at rest using platform security mechanisms, whereas shared preferences store data in plain text, making it vulnerable to extraction on rooted devices or insecure environments.

Question 3

Why does flutter_secure_storage fail on my web app?

Accepted Answer

It likely fails because your web app isn't served over HTTPS, as the plugin only works on HTTPS or localhost. Ensure HTTP Strict Transport Security headers are configured, and check the experimental web implementation notes in the README for potential issues.

Question 4

How to migrate from flutter_secure_storage version 9 to 10?

Accepted Answer

Version 10 automatically migrates data with migrateOnAlgorithmChange enabled by default. Update your Android options to use new ciphers like RSA OAEP + AES-GCM, and review the migration section to handle deprecated features like encryptedSharedPreferences.

Question 5

What are the minimum Android API requirements for biometric support?

Accepted Answer

Biometric authentication requires Android API 23+ for basic support, but enforced biometrics with enforceBiometrics: true need API 28+. The device must have PIN, pattern, password, or biometric enrolled, as specified in the Android requirements section.

Question 6

Can I use custom encryption algorithms in flutter_secure_storage?

Accepted Answer

Yes, on Android, you can specify custom key and storage ciphers using AndroidOptions, with combinations like RSA_ECB_PKCS1Padding and AES_GCM_NoPadding, as outlined in the advanced cipher table for tailored security needs.

Secure Storage

What is Secure Storage?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions