When you work in mobile apps, you will come across situations when you need to store sensitive information, such as passwords, keys, tokens, user sessions, and so on. Saving this information in plain format or in a place where other apps or the user himself can access it is a disaster and can compromise the security of your device.
From my point of view, I don't recommend saving any sensitive information on the device. However, if you really want to go ahead with it then, before saving anything, you have to ask yourself, do I really need to do this? It's very important to save all important information on the server side and, if it is absolutely necessary to save anything locally, it has to be encrypted and saved in a secure place, such as Keychain.
