Is there any guidance on actually using the SecureString in a secure manner? I don't see there being any way to even create the secure string in the first place, as you are going to need it to be typed in from a textbox at some point.
SecureString's purpose is to encrypt the storage of the data in memory. This protects against clear text memory scans. This can be even more important if the portion of memory holding the string is moved to a swap file during paging operations.
It's a bit like a steering wheel crook lock for a car. It won't stop your car being stolen by someone who is determined, but it certainly puts off opportunistic thieves.
It's all about reducing the attack surface. It won't magically make your application 100% secure but it certainly helps.