Stack Overflow
Stack Overflow

Questions tagged [securestring]

Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed

SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is automatically encrypted, can be modified until the application marks it as read-only, and can be deleted from computer memory by either the application or the .NET Framework garbage collector.

224 questions
0
votes
0 answers

How to mitigate CWE-316: Cleartext Storage of Sensitive Information in Memory in MVC Model

I have MVC model where I declare a property Password with DataType annotation as DataType.Password. Veracode scan points out the line with that property declaration. That property is getting its value assigned from a login page. I saw examples of…
gene
  • 2,098
  • 7
  • 40
  • 98
0
votes
0 answers

Clear C# String from memory - Angular

I'm trying to clear the memory contents of a C# string for security reasons. I am using a ngmodel to have the user enter their username and password, once I have the password string I convert it to SecureString. However, since the password started…
user173092
  • 127
  • 1
  • 1
  • 9
0
votes
1 answer

New-localuser with joined string password

What is going wrong with this: $pass= "kissa"+"koira" $pw= ConvertTo-SecureString $pass -AsPlainText -Force #Create local user New-LocalUser -Name $username -Password $pw -UserMayNotChangePassword -AccountNeverExpires -PasswordNeverExpires It…
Marko Mård
  • 11
  • 1
0
votes
1 answer

Exception thrown: 'System.PlatformNotSupportedException' . How to encrypt and decrypt securestring in dotnet core 3.1?

OS: Ubuntu Platform: dotnet core 3.1 I was trying to do encryption and decryption of secure string using following method.But getting following exception. Exception thrown: 'System.PlatformNotSupportedException' in…
Sk Azharuddin
  • 9
  • 3
0
votes
1 answer

Send securestring to function in a powershell module

i have a function in a Powershell module which should establish a database session with SimplySql. SimplySql takes a credential object. Now i have several problems, to send the password into the function. What i tried: When using a…
David Koenig
  • 141
  • 2
  • 10
0
votes
0 answers

SecureString's length is 0 when sent to a webapi controller

I am trying to send a SecureString to a web api controller, but it is always giving me a length of 0 at the controller's part. Here's the client's side: As you can see, it has a non-zero length at the time of serialization. By the time the…
Jacko
  • 1
  • 1
  • 3
0
votes
3 answers

Considerations in building a Secure string type

I have begun building a secure string type - which i call SecureStringV2 - to extend the existing SecureString type in the .Net framework. This new type is going to add some basic functionality (checking for equality, comparing etc) to the existing…
gogole
  • 151
  • 1
  • 2
  • 10
0
votes
1 answer

Convert SecureString with ANSI-character to unmanaged string

I am trying to copy the content of a SecureString directly into unmanaged memory. Microsoft recommends using Marshal.SecureStringToBSTR(), Marshal.SecureStringToGlobalAllocAnsi(), Marshal.SecureStringToGlobalAllocUnicode() and the corresponding…
telandor
  • 869
  • 9
  • 28
0
votes
2 answers

PowerShell : Problem with ConvertTo-SecureString and ConvertFrom-SecureString INSIDE a PSSession

I try to use ConvertTo- and ConvertFrom-SecureString in 2 Powershell scripts, but I've got a problem generating encrypted passwords with a dynamic profile, and then reading/deciphering them with the SAME profile on the SAME machine. My script ask an…
Julien D.
  • 1
  • 1
0
votes
0 answers

C# SecureString how to show password, when user wants to see?

I've read about SecureString class and read a lot of different opinions about it. And at this point, I really not sure how to use it correctly in WPF apps. The problem is at the login. I have: public SecureString MyPassword { get =>…
Nikas Žalias
  • 1,594
  • 1
  • 23
  • 51
0
votes
1 answer

Custom allocator in c++ for secure_string implementation not getting invoked

I'm developing a custom allocator for a simple and basic secure_string implementation in c++ based on https://en.cppreference.com/w/cpp/named_req/Allocator. My code, as shown below, compiles and executes. However, I noticed that the allocate,…
Rohit Gurunath
  • 97
  • 1
  • 7
0
votes
1 answer

How to send a string with security, iphone

How to send a string in most securely. Got some issue with encryption. My encrypted value in iPhone is not similar to webapp. So please suggest the most secured form of sending a string from iphone (except encryption). Thanks in advance.
Krishna Chaitanya Bandaru
  • 2,065
  • 4
  • 18
  • 26
0
votes
2 answers

Is it always unsecure if I pass a password as a string and not as a secure string?

I have just a general question: I don't quite understand when i have to use a secure string and when it is ok to use a normal string. For example lets say i want to use PrincipalContext in my application. PrincipalContext has multiple Constructors,…
calgara12
  • 117
  • 11
0
votes
1 answer

Making a securestring XML file

How can I generate a file that looks like oracle 01000000d08c9ddf... 01000000d08c9ddf0115d... I would like to use the XML file in my…
software is fun
  • 7,286
  • 18
  • 71
  • 129
0
votes
1 answer

Using stored credentials in powershell through vb.net

I've written a pair of apps; one that issues powershell scripts to clients (the server) and one that executes powershell scripts passed to it (the client). I've added functions to detect if a particular script requires elevation. In the event that a…
John
  • 755
  • 1
  • 18
  • 46
1 2 3
14 15