
We have an old legacy app and I'm trying to understand the purpose of this code:

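string password = "PLAIN_TEXT_PASSWORD";
var securePassword = new System.Security.SecureString();
// Copy the plain text into the SecureString one character at a time.
foreach (char c in password) securePassword.AppendChar(c);
// SecureStringToBSTR returns an IntPtr to an unmanaged BSTR copy of the contents.
System.IntPtr btsr = System.Runtime.InteropServices.Marshal.SecureStringToBSTR(securePassword);
// Read the unmanaged copy back into a managed string.
password = System.Runtime.InteropServices.Marshal.PtrToStringAuto(btsr);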

It looks like an attempt to obtain a plain text password from a secure string of the plain text password? I'm thinking the intent was to NOT hardcode the plain text password and to instead use a SecureString, but it seems to me that at the end of this code, password would be equal to whatever it was set to at the beginning?

S. Walker
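
An added example, not part of the original question or the legacy app: a self-contained C# program that performs the same SecureString round trip and compares the result with the starting string. The `ToPlainText` helper and the class name are hypothetical; unlike the snippet in the question, the helper wipes and frees the unmanaged BSTR with `Marshal.ZeroFreeBSTR`.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;

static class SecureStringRoundTrip
{
    // Hypothetical helper: copies a SecureString into a managed string,
    // then zeroes and frees the unmanaged BSTR even if the copy throws.
    static string ToPlainText(SecureString secure)
    {
        IntPtr bstr = IntPtr.Zero;
        try
        {
            bstr = Marshal.SecureStringToBSTR(secure);
            return Marshal.PtrToStringBSTR(bstr);
        }
        finally
        {
            if (bstr != IntPtr.Zero) Marshal.ZeroFreeBSTR(bstr);
        }
    }

    static void Main()
    {
        // Constructed sample value; as a literal it is still stored in the assembly.
        string original = "PLAIN_TEXT_PASSWORD";

        using (var secure = new SecureString())
        {
            foreach (char c in original) secure.AppendChar(c);
            secure.MakeReadOnly();

            string roundTripped = ToPlainText(secure);

            // Ordinal comparison of the characters before and after the round trip.
            Console.WriteLine(string.Equals(original, roundTripped, StringComparison.Ordinal));
            // Whether the result is the same managed object or a separate copy.
            Console.WriteLine(ReferenceEquals(original, roundTripped));
        }
    }
}
```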