2

I'm about to release a console application onto one of our servers to be run by the task scheduler on a daily basis. Based on certain conditions, the application will email selected users through Office 365. In order to email users, of course, I'll need to use the credentials for an email account.

Given that this is an internal application on one of our servers, is embedding the username and password in the code safe? If not, what is the best practice to securely get around this?

If it helps, this is my code for the email function (written in C#):

String userName = "my.email@organization.ca";
String password = "myPassword";

MailMessage msg = new MailMessage();
msg.To.Add(new MailAddress(user.getEmail()));
msg.From = new MailAddress(userName);
msg.Subject = "My Subject";
msg.Body = "My message";
msg.IsBodyHtml = true;
SmtpClient client = new SmtpClient();
client.Host = "mail.office365.com";
client.Credentials = new System.Net.NetworkCredential(userName, password);
client.Port = 587;
client.EnableSsl = true;
client.Send(msg);

Edit: I should add that only administrators have access to this specific server.

Jonathan Prall
  • 57
  • 1
  • 8
  • why don't you encrypt the password inside the App.Config and read from there.. do a google search on how to encrypt .Confg Sections easier than hard coding it also refactor your code so that it takes advantage of the `Auto Disposing of Objects` but using the `using() { }` construct – MethodMan Dec 04 '17 at 14:04
  • No, this is not safe, nor is it flexible in the case of compromised passwords. These values should be gathered as configuration at installation/first-run time. – spender Dec 04 '17 at 14:05
  • To clarify, only administrators have access to log into this specific server. – Jonathan Prall Dec 04 '17 at 14:09

2 Answers2

1

is embedding the username and password in the code safe

Of course not. Storing credentials without decent protection is never safe. Every user having access to the code or the executable can extract the credentials.

If I were you, I would store those credentials in an encrypted file on the machine it runs in a place where only the service user can access it. Encrypt the file with a device-specific key, so even if other users can obtain the file, it is useless to them since they can't decrypt it.

Patrick Hofman
  • 153,850
  • 22
  • 249
  • 325
1

It's not safe in that anyone with access to that code or the application can get the password to the account with ease.

It's about risk vs reward. If a malicious player has access to the code or server then surely you have bigger issues to worry about than someone being able to access a mail account that can easily be recovered or shut down.

Is it worth going through extra trouble to prevent this outcome? It's up to you.

Arguably the configuration details should at least be in App.config so that they can be easily changed if a password expires, otherwise you'd have to recompile and redeploy the entire solution.

Ideally you should look into the various means available to you to perform encryption of your configuration file if you want to be as safe as possible. A simple search for c# encrypt configuration has enough material to get you started.

Equalsk
  • 7,954
  • 2
  • 41
  • 67