I would recommend to use the KeyChain. It is a bit more difficult than storing it in your App folder but it is a lot more secure.
The KeyChain will handle all of the encryption for you and will provide you with options on what will happen to your data when the device is restored and place conditions on when the data is accessible (e.g only for unlocked devices).
If you're developing more than one app you can use the KeyChain to share information between apps. One thing to keep in mind is that the KeyChain retains information even after app removal, unless you remove it.
An easy way to get started is to use CocoaPods in your project and do a search for KeyChain pods.
One question to you: do you really need to re-authenticate (offline) after the first login? If you do it might be more userfriendly to ask for a pin (which you can store in the KeyChain).