Apple's GenericKeychain example saves a username and password in the iOS keychain. It does this using kSecAttrAccount for the username, and kSecValueData for the password.
Are all data items placed in the keychain encrypted, so including the kSecAttrAccount/username in this example?
I'm asking because I don't want account names to be exposed.
If you use kSecAttr for the username it will be encrypted.
The attributes associated with a keychain item depend on the class of the item; the item classes most used by applications ... are Internet passwords and generic passwords. As you might expect, Internet passwords include attributes for such things as security domain, protocol type, and path. The passwords or other secrets stored as keychain items are encrypted.
(see "Structure of a Keychain")
As you use kSecAttrAccount, which can only be used with the classes kSecClassInternetPassword and kSecClassGenericPassword (see Keychain Services Reference @ kSecAttrAccount), the account name will be encrypted.
