If you’ve used Chatter on the iPhone, you might have noticed that you only need to authenticate the first time you run the app; from then on it will automatically reconnect to your account on each startup. What’s happening is that the Chatter app is using OAuth 2.0 to obtain both a short-lived session token for API access and a long-lived refresh token (see Digging Deeper into OAuth 2.0 on Force.com for an explanation of OAuth and its various token types), storing the latter securely in the iOS Keychain. I recently added the same functionality to my sample PhoneGap Force.com app, leveraging the PhoneGap Keychain plugin.
I’m planning to cover the sample app in more depth in the near future, but here’s a quick video showing the new functionality in action. As always, the source is in GitHub.