We develop several apps/games. We store/retrive data from plist.
I have searched got the followings #
Those tutorials tells how to prevent you plists from being changed. But we don't want to let the users (harmful users) to show any data.
The main question is who are you protecting it from?
1) If you want to protect your plist from prying eyes of unsophisticated user (just and average guy with some tool), all you need is to encrypt plist (even hardoded key should be enough)
2) If you want to protect to protect it from a hacker who has an access to the phone then you will have to do a lot of actions - you need a passcode, this passcode should be long, it should be hashed with salt and this should be used (directly or indirectly) as a key for protection. This way, a hacker without knowledge of password won't be able to get to your plist.
3) If you are trying to protect from malware, which is specifically designed to get a data from your running app - you are screwed. Since, jail is broken on Jailbroken devies, malware can literally do anything and it will be always able to copy your plist out of memory when your application will decrypt it.