Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is there some sort of secure local storage on Windows?

Tags:

I was thinking of making a small tool. It is not important what the tool will do. The important thing, is that the tool will need to store some sensitive information on the user's HDD. EDIT: The information that will be stored is USER'S information - I'm not trying to protect my own content, that I distribute with the app.

I understand that I need to encrypt this information. But then, where do I safely store the encryption password? It's some sort of an infinite recursion...

So, is there a way, to encrypt information on windows, and have windows securely manage the passwords? When I say windows I mean Windows XP SP2 or later.

I should also note, that users on the same system must not have access to other users information (even when they are both running my application).

I'm looking for both - .NET 2.0 (C#) and native (C/C++) solutions to this problem.

like image 543
Paulius Avatar asked Jan 14 '09 09:01

Paulius

People also ask

Is local storage secured?

On the downside, localStorage is potentially vulnerable to cross-site scripting (XSS) attacks. If an attacker can inject malicious JavaScript into a webpage, they can steal an access token in localStorage. Also, unlike cookies, localStorage doesn't provide secure attributes that you can set to block attacks.

Can local storage be hacked?

As local storage was never intended to be secure, there is no data protection and any JavaScript on the website can access it. Hackers can exploit the existing XSS vulnerability on the website like the following screenshot when the user browses to https://set-localstorage.herokuapp.com/xss-injected-page.html.

Can you encrypt local storage?

Encryption and decryption is a ways to save data securely to localStorage. However, in this scenario, you'll need a shared secure key to encrypt and decrypt data.

1 Answers

is there a way, to encrypt information on windows, and have windows securely manage the passwords?

CryptProtectData: http://msdn.microsoft.com/en-us/library/windows/desktop/aa380261(v=vs.85).aspx

Using from .NET: http://msdn.microsoft.com/en-us/library/aa302402.aspx

Historically, Protected Storage (available in XP, read-only in vista+): http://msdn.microsoft.com/en-us/library/bb432403%28VS.85%29.aspx

like image 161
bobince Avatar answered Nov 16 '22 22:11

bobince
Sign in to Comment

Related questions

Linq to SQL: execution order when calling SubmitChanges()
How do you enable customers to log in to your site using their Google account?
Is there a difference between an Entity and a object?
Disable Java reflection for the current thread
Can't dynamically add rows to a <TABLE> in IE?
ASP.NET MVC switch language, how to implement?
Multiple antrun tasks in maven
jQuery append Google Adsense to div
Passing initial into Django's ModelFormSet
Eclipse svn ignore bin
"[Lightweight Function]" in the call stack
How to loop through files and rename using PowerShell?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!