Menu
I need to develop a tool in C# which interacts with a SOAP webservice. The first operation of this webservice takes a username and password to login to the application. However that tool shall be run without user interaction when providing the user credentials.
This implies that the tool knows the username and password. What would be a more or less appropriate way of storing the encryped username and password either in the program code or in an external file?
731
I would think about using the DPAPI There should be a machine specific algorithm. Which should ensure, that the data can only be decrypted on the machine on which it was encrypted.
In the linked post is also a good article linked
From MSDN:
// Encrypt the data using DataProtectionScope.CurrentUser. The result can be decrypted
// only by the same current user.
return ProtectedData.Protect( data, s_aditionalEntropy, DataProtectionScope.CurrentUser );
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
