Android Question Application protection via Mac Address

[khwarizmi]

Hi there

Is it safe to rely on application protection via Mac Address? Or is it penetrable and changeable.

Thanks

 

[DonManfred]

Or is it penetrable and changeable.

you´ll probably not get the mac at all in newer androids.

 

[khwarizmi]

thanks @DonManfred, So I cant't use it.
I don't want to use the Advertising Id, there is a conflict between firebase2 and some other libraries like Phone and ArchiveplusZip. So what alternative should I use to find a unique device identifier?

 

[Sandman]

So what alternative should I use to find a unique device identifier?

I generate it myself on first app run.

 

[asales]

there is a conflict between firebase2 and some other libraries like Phone and ArchiveplusZip

Which conflict?

 

[khwarizmi]

Which conflict?

The application cannot be built unless the firebase2 is excluded:

B4A Version: 11.80 Parsing code. (0.13s) Java Version: 11 Building folders structure. (1.22s) Compiling code. (0.14s) ObfuscatorMap.txt file created in Objects folder. Compiling layouts code. (0.30s) Organizing libraries. (0.47s) (AndroidX SDK) Compiling resources (13.03s) Linking resources (20.23s) Compiling generated Java code. (10.09s) Finding libraries that need to be dexed. (0.05s) Dex code (6.93s) Dex merge Error Error: Cannot fit requested classes in a single dex file (# methods: 77184 > 65536). Try supplying a main-dex list Compilation failed

 

[khwarizmi]

I generate it myself on first app run.

I need a unique number for the device itself, I have data that I want to reach only registered users, and access must be done through their devices only.

 

[teddybear]

I need a unique number for the device itself, I have data that I want to reach only registered users, and access must be done through their devices only.

Now that you have the registered user information, why not generate an unique number to the user when they registered

 

[Sandman]

So why not simply have them identify as registered before creating the ID?

 

[khwarizmi]

So why not simply have them identify as registered before creating the ID?

My application that I am working on is an educational platform, for each student there is a user name and password, the student pays the fees for each subject he wants to subscribe to, when the student pays the fees, the application is allowed to download the lessons, I want the student's account to be linked to his device only so that another student does not benefit From the entry data and download the lessons without paying the fees.

 

[Sandman]

That sounds like a great situation for you. I'm not sure I see a problem here?

 

[khwarizmi]

If a user gives the login credentials of another user.

 

[khwarizmi]

Now that you have the registered user information, why not generate an unique number to the user when they registered

The ID that is generated in the database is a unique number, but I want a unique for the device itself, so that no user can take advantage of the login data of another user.

 

[asales]

The application cannot be built unless the firebase2 is excluded:

B4A Version: 11.80 Parsing code. (0.13s) Java Version: 11 Building folders structure. (1.22s) Compiling code. (0.14s) ObfuscatorMap.txt file created in Objects folder. Compiling layouts code. (0.30s) Organizing libraries. (0.47s) (AndroidX SDK) Compiling resources (13.03s) Linking resources (20.23s) Compiling generated Java code. (10.09s) Finding libraries that need to be dexed. (0.05s) Dex code (6.93s) Dex merge Error Error: Cannot fit requested classes in a single dex file (# methods: 77184 > 65536). Try supplying a main-dex list Compilation failed

I have an app with Firebase2, Phone and ArchiveZipPlus and no problem.
Did you jetified the lib?

 

[khwarizmi]

I have an app with Firebase2, Phone and ArchiveZipPlus and no problem.
Did you jetified the lib?

see my other question:

Conflict between libraries in the presence of the library Firebase2

Hi all The following project contains the following libraries only: Core. Firebase2. OkHttpUtils2. ViewAnimations. It cannot be built without excluding OkHttpUtils2 library or ViewAnimations library.

www.b4x.com

 

[asales]

see my other question:

Conflict between libraries in the presence of the library Firebase2

Hi all The following project contains the following libraries only: Core. Firebase2. OkHttpUtils2. ViewAnimations. It cannot be built without excluding OkHttpUtils2 library or ViewAnimations library.

www.b4x.com

See my answer. It compiled without problems.

 

[teddybear]

If a user gives the login credentials of another user.

Don't worry about that, when a student registers, you can generate a unique user ID and send it to the device. when the student logs in, you only need to check the user/ password and ID if they are coreect, even if he/she shares the login data to another, No ID is in the device and he/she will not login either，unless he、she shares the device to another。

 

[Erel]

Error: Cannot fit requested classes in a single dex file (# methods: 77184 > 65536). Try supplying a main-dex list

This error is solved with:

#MultiDex: True

 

[Cableguy]

The ID that is generated in the database is a unique number, but I want a unique for the device itself, so that no user can take advantage of the login data of another user.

Fusion 360 uses a second layer authentication by sending a code to user e-mail after user enters ID and password.
It will be quite difficult for someone usurpating someone else's ID and password to also have access to that user e-mail

 

[khwarizmi]

Thank you @Cableguy
The problem was finding a unique device id of the device itself, the problem is not just the password cracking, but another problem is that two different users are using the same login data.
The problem was solved by using Advertising id, using the answer provided by @asales and @Erel.