C# - Process.Start - using global variable as password - "cannot convert from 'string' to 'System.Security.SecureString'

Question

I designed a login form and wanted the username and password entered to be stored as variables I could call in other forms (overall program is a collection of .exe files and powershell scripts that I want to run as the username and password initially entered in my login form).

At the start of the program I created "global variables" using this code:

class usernameGlobalVariable
    {
        public static string var = "";
    }
    class passwordGlobalVariable
    {
        public static string var = "";
    }

In the login form I stored the username and password entered into these global variables this way:

private void usernameTextBox_TextChanged(object sender, EventArgs e)
    {
        usernameGlobalVariable.var = usernameTextBox.Text;
    }


    private void passwordTextBox_TextChanged(object sender, EventArgs e)
    {
        passwordGlobalVariable.var = passwordTextBox.Text;
    }

When I want to start a process I call it using this code (to run it as the username and password stored by the login form):

string fileName = "c:\\hdatools\\Ping2.exe";
string arguments = "";
string domain = "vantage";
private void Button2_Click(object sender, EventArgs e)
    {

    Process.Start(
    fileName,
    arguments,
    usernameGlobalVariable.var,
    passwordGlobalVariable.var,
    domain);

    }

The main error I get is on the line passwordGlobalVariable.var, The error says

Argument 4: cannot convert from 'string' to 'System.Security.SecureString'

I've tried different ways to try to convert `passwordGlobalVariable.var' to a secure string, or to give another string variable its contents and then render that variable as a secure string. I've finally run out of ideas. Thanks in advance for the help.

Why do you use a [reserved keyword](http://msdn.microsoft.com/en-us/library/bb383973.aspx) to name a variable? This is very confusing and misleading. An example to not follow. — Steve, Jun 18 '14 at 21:07

Yair Nevet · Accepted Answer · 2014-06-19T16:08:44.870

2

Argument 4: cannot convert from 'string' to 'System.Security.SecureString'

because var is a string and not a SecureString, look:

class passwordGlobalVariable
{
   public static string var = "";
}

So change it to:

class passwordGlobalVariable
{
   public static SecureString var;
}

And later on, change your passwordTextBox_TextChanged event-handler to convert your password string into a SecureString:

private void passwordTextBox_TextChanged(object sender, EventArgs e)
{
   SecureString passWord = new SecureString();
   foreach (char c in passwordTextBox.Text.ToCharArray())
   {
     passWord.AppendChar(c);
   }

    passwordGlobalVariable.var = passWord;
}

A small side-note: Refrain from using the var word because one can be confused with the C#'s var contextual keyword.

edited Jun 19 '14 at 16:08

answered Jun 18 '14 at 20:50

Yair Nevet

12,725
14
66
108

@Yair Nevet thanks! unfortunately it does not like my quotes. It underlines my "" and the error says **Cannot implicitly convert type 'string to 'System.Security.SecureString'** – superKing Jun 18 '14 at 21:13
@Yair Nevet thanks again--I changed that and it underlines **passWord** on the line `passwordGlobalVariable.var = passWord;` Error says **Argument 4: cannot convert from 'string' to 'System.Security.SecureString' – superKing Jun 18 '14 at 21:29
@superKing you should have no string fields in your data structures. – Yair Nevet Jun 18 '14 at 21:31
1

@YairNevet you are the man! That certainly did the trick and I hope others can benefit from this answer. I would vote it up if I had enough points. For some reason someone voted down my question. No idea why...anyway thanks again, bud! :D – superKing Jun 19 '14 at 13:50
@asadali it is not needed since var is a contextual keyword and not a completly reserved one. – Yair Nevet Jun 19 '14 at 14:49
@YairNevet Yep, I am aware of that, it was only to refresh my memory since I thought that `@` could only be used for classes, not variables. – Asad Ali Jun 19 '14 at 14:51

score 2 · Answer 2 · answered Jun 18 '14 at 20:51

2

The code below create a SecureString from the string var:

   SecureString passWord = new SecureString();
   foreach (char c in var.ToCharArray())
                  passWord.AppendChar(c);

answered Jun 18 '14 at 20:51

Matt

6,010
25
36

thanks (and sorry as i'm new to coding) but will this make a new variable called passWord? Should I use the passWord variable to store the text in the password field? Will this variable be available globally? Thanks again – superKing Jun 18 '14 at 21:21
You can keep use the SecureString to store the passoword. – Matt Jun 18 '14 at 21:24

score 0 · Answer 3 · answered Jun 18 '14 at 20:51

0

var secureUsername = new SecureString();
foreach (char c in usernameGlobalVariable.var)
{
    secureUsername.AppendChar(c);
}

var securePassword = new SecureString();
foreach (char c in passwordGlobalVariable.var)
{
    securePassword.AppendChar(c);
}

This will give you two SecureStrings that you can pass into the Process.Start method

answered Jun 18 '14 at 20:51

Carlos Rodriguez

2,190
2
18
29

thank you--I tried this, but it underlines **var** saying _A namespace cannot directly contain members such as fields or methods_ It also underlines **SecureString** and says _Expected class, delegate, enum, interface, or struct_ – superKing Jun 18 '14 at 21:18
`Process.Start` overloads accepts only one `SecureString` and it should be a password and not a username. – Yair Nevet Jun 19 '14 at 16:11

C# - Process.Start - using global variable as password - "cannot convert from 'string' to 'System.Security.SecureString'

3 Answers3