- Home /
PlayerPrefs: Credebility, Advantages/Disadvantages
I am currently considering different measure of saving variables in my game, and playerprefs looks like a really easy and secure method of saving, but before I delve into using it I want to make sure that it's not all too good to be true. My first question is how credible is the data saved by playerprefs? Is it possible that someone who plays my game can easily go and modify value to help themselves cheat? Is the data encrypted or well hidden enough that the effort would be too much for the average computer user or gamer? Is the data "permanent"? will it be there if your computer restarts, or if my game closes. Next I am curious about the advantages and disadvantages to playerprefs. Is it slow? Is it bulky?
Using the defaults, PlayerPrefs is stable and permanent it will be there when your computer restarts, game closes, etc. However, any little bit of Googling will reveal that hierarchy it lives under in the registry and thus it's trivial to hack it/cheat.
Answer by Bunny83 · Aug 30, 2013 at 09:25 PM
The PlayerPrefs (short for Player Preferences where player refers to the UnityPlayer) are just a way to store any data on the clients machine. The main goal is to provide a solution that works on all platforms (web / standalone / mobile / ...). The implementation varies and it is generally not considered as "safe". As the name suggests it's primarily ment for storing preferences like player name, volume settings, quality settings, ... However it can be used for any kind of data.
The PlayerPrefs are not encrypted or protected against modifications. Actually it's impossible to make something "safe" when it is stored and processed on a client. You should ask yourself what level of security you need and how you actually measure it ;)
Just some hints: Standalone and webbuilds can be quite easily decompiled, so almost any encryption you implement on the client can be broken. On mobile it's a bit more difficult, but if on Android with a rooted device nothing is impossible.
To prevent 90% of all scriptkiddy attacks you could save a hash value along with the actual data. This would make simple editing a bit difficult. If you have any real sensitive data, store it on a server.
Understood. The data at hand is too important, I just need to put it out of reach of the average gamer. Also, I never asked, but how well does playerprefs handle alot of quires at once. For example: I need to load and save a scene with 300 items+, is that too much?
I thing PlayerPrefs is a good method for a basic save/load but i think the X$$anonymous$$L serilization more useful and capable. However , i'll go with the PlayerPrefs : it's easy and useful yes , but X$$anonymous$$L and PlayerPrefs are similar ... my opinion is creating yourself your save/load system ...
I've considered that. But creating my own method is a sizable amount of work. Currently, I just want a solution, but my project over all is a learning experience, so I might one day turn to saving and loading data. Right now I have alot of other things to work on though.