Is storing users' passwords in FirebaseDatabase is a good idea?

You do not do that.

Use the (awesome, amazing) Firebase authentication system.

Click right here:

enter image description here

on the left, to see all the users - click "Authentication".

You never see / you cannot see their passwords.

You don't handle or touch the passwords at all.

In the Android or iOS app, you get the userid - and that's it.

The answer by @PeterHaddad shows perfectly how to do that.

That's the first and most basic step in any Firebase ios/droid app.

In your data you'll have a "table" called probably "userData/" and that's where you keep all data about the user. (For example, you may store their address, real name, shoe size .. whatever is relevant in your app.)

Note - FBase is so amazing, your users can also connect with other methods (phone, etc). For your reference in the future, that is explained here


You don't need to store the password in the firebase database, after you authenticate the user using createUserWithEmailAndPassword the email and other info will be stored in the authentication console. So you do not need the password in the database, all you need is the userid to connect auth with database.

FirebaseUser user=FirebaseAuth.getInstance().getCurrentUser();
String useruid=user.getUid();