
How do I use SecureString securely?

Tags: c#, .net, security

All of the examples I have seen end up converting a SecureString back to a standard string before using it, defeating the object. What's a good way of using a secure string without this problem?

I know I can marshal the SecureString to a BSTR but what can I do with this BSTR? Can I get the characters back one at a time? If so, how?


1 Answer

This link includes a lot of helpful information, including how to get an unmanaged memory block for passing the string to native code (that is presumably also secure), a BCL class that uses it, and links to a couple examples:

http://bartdesmet.net/blogs/bart/archive/2006/03/31/3851.aspx

The main thing is that it's not really used that much yet, but you are free to make your own libraries that rely on it.

answered Sep 15 '25 05:09

Joel Coehoorn
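
The BSTR approach the question asks about, as an added example that is not part of the original answer or the linked post: it reads a `SecureString` one UTF-16 code unit at a time from unmanaged memory and zeroes the buffer afterwards, so no managed `string` is ever created. The class and method names (`SecureStringDemo`, `SecureEquals`) are hypothetical, and the sample password is constructed for the demo.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;

static class SecureStringDemo
{
    // Hypothetical helper: compares two SecureStrings without building a System.String.
    public static bool SecureEquals(SecureString a, SecureString b)
    {
        if (a.Length != b.Length) return false;   // SecureString exposes its length openly
        IntPtr pa = IntPtr.Zero, pb = IntPtr.Zero;
        try
        {
            // Decrypt into unmanaged BSTRs (UTF-16) that the GC never copies or moves.
            pa = Marshal.SecureStringToBSTR(a);
            pb = Marshal.SecureStringToBSTR(b);
            int diff = 0;
            for (int i = 0; i < a.Length; i++)
            {
                // One character at a time; the offset argument is in bytes.
                short ca = Marshal.ReadInt16(pa, i * 2);
                short cb = Marshal.ReadInt16(pb, i * 2);
                diff |= ca ^ cb;                  // accumulate, no early exit on mismatch
            }
            return diff == 0;
        }
        finally
        {
            // Overwrite the plaintext with zeros, then free the BSTR.
            if (pa != IntPtr.Zero) Marshal.ZeroFreeBSTR(pa);
            if (pb != IntPtr.Zero) Marshal.ZeroFreeBSTR(pb);
        }
    }

    static void Main()
    {
        // Constructed sample input; real code would append characters from a
        // key-by-key prompt instead of a string literal.
        var x = new SecureString();
        var y = new SecureString();
        foreach (char c in "s3cr3t") { x.AppendChar(c); y.AppendChar(c); }
        x.MakeReadOnly();
        y.MakeReadOnly();
        Console.WriteLine(SecureEquals(x, y));
        x.Dispose();
        y.Dispose();
    }
}
```

The plaintext does exist in unmanaged memory between `SecureStringToBSTR` and `ZeroFreeBSTR`, so keep that window as short as possible and always free in a `finally` block.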