I may need to store passwords on a device for an upcoming iOS app. I would like to encrypt the passwords. I know from previous iTunes Connect submissions that there are questions about government export compliance when using encryption. I intend to sell (free app, actually) the app internationally. I did some research and found the following links. By the sound of it, I _think_ there are exceptions to an intimidating government review process when using encryption for authentication. I hope so.
Export Administration Regulations Database
http://www.access.gpo.gov/bis/ear/ear_data.html
Commerce Control List Supplement No. 1 to Part 774 Category 5 - Info. Security
http://www.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf
Checklist on Encryption and Other “Information Security” Functions
http://www.bis.doc.gov/encryption/checklistinstr.htm
-- "encryption review or notification is NOT required ... for ... limited forms of cryptography, such as authentication ...
