== Recommended Secure Coding Practices

* Use internal storage whenever possible as the system prevents other apps from accessing this location.
* Only use external storage if you need to share non-sensitive files with other applications.
* If your application has to use the external storage to store sensitive data, make sure it encrypts the files using https://developer.android.com/reference/androidx/security/crypto/EncryptedFile[EncryptedFile].
* Data coming from external storage should always be considered untrusted and should be validated.
* As some external storage can be removed, make sure to never store files on it that are critical for the usability of your application.