Stack Overflow
Stack Overflow

Questions tagged [securestring]

Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed

SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is automatically encrypted, can be modified until the application marks it as read-only, and can be deleted from computer memory by either the application or the .NET Framework garbage collector.

224 questions
0
votes
0 answers

Confusion with Securestring

I am hopefully being a bit thick. I need to write a program that has a machine local admin account username and password hardcoded into it (so a normal user can call validatecredentials on a principalcontext) Private Function validateAD(ByVal…
Peterp
  • 100
  • 13
0
votes
2 answers

Do I have to encrypt SecureString when persisting to disk?

For a C# console app, I need to persist a password in the application settings but when I create a setting of type System.Security.SecureString the setting itself is removed from the plain-text config file. Since I can't see the raw value anymore I…
Brian Mitchell
  • 849
  • 1
  • 8
  • 24
0
votes
2 answers

Java console input validation to prevent DOS attack

All, I have written a java code that needs to check an entered text by the user using the console, I want that the code tests the entered line to not exceed for example 20 letters, I wrote it as follow: String getName() { boolean badName =…
Hex
  • 145
  • 1
  • 2
  • 12
0
votes
0 answers

How can I avoid unencrypted copies of my data in memory after decryption?

I am trying to write some functions which allow encrypting/decrypting a chunk of data. For compatibility reasons, it needs to be symmetrical encryption which can be saved on one machine and read back on another, so that rules out the use of…
Steve In CO
  • 5,746
  • 2
  • 21
  • 32
0
votes
1 answer

C#: has it sense convert string to secure string?

I would like to use secure string to have a password in a variable. The password I get it from the database, because I am using hashed password and I need to compare the password given by the user and tha hashed password that I have in the…
Álvaro García
  • 18,114
  • 30
  • 102
  • 193
0
votes
3 answers

C# - Process.Start - using global variable as password - "cannot convert from 'string' to 'System.Security.SecureString'

I designed a login form and wanted the username and password entered to be stored as variables I could call in other forms (overall program is a collection of .exe files and powershell scripts that I want to run as the username and password…
superKing
  • 79
  • 1
  • 6
  • 14
0
votes
1 answer

Singleton To Ensure Password Security

I am making a little project that requires me to access one of my email accounts frequently to send emails. With that being said, I obviously know the log-in information ahead of time, and in order to protect the password from being created into a…
David Venegoni
  • 508
  • 3
  • 13
0
votes
1 answer

Storing an encrypted string in a database

I need to store the passwords of X.509 certificates in a database. But there's a problem: I can't hash the passwords, so I need to store them in encrypted form. How can I do this without explicit encryption and decryption? Also, is it possible to…
Knerd
  • 1,892
  • 3
  • 28
  • 55
0
votes
1 answer

Decrypt string with Rijndael return "System.SecureString" (as a string) but not the string

I'm using Rijndael Algorithm to encrypt strings (user passwords), but when I decrypt them, it returns me "System.SecureString", and not my decrypted password. I'm using this basic code: public static string DecryptString(string cipherText, string…
crocteamgg
  • 65
  • 2
  • 7
0
votes
0 answers

Possible to prevent ASP.NET from storing Request variables in memory?

Apparently, using SecureString with ASP.NET doesn't really make sense because ASP.NET automatically stores request parameters in plain text. But is there a way to hack ASP.NET to make SecureString usable in this scenario? For example, would it be…
John B
  • 20,062
  • 35
  • 120
  • 170
0
votes
0 answers

Passing SecureStrings in Powershell for LDAP query when not a member of domain

I've saved a SecureString with ConvertFrom-SecureString to a file and have code to extract and convert the encrypted string back to a SecureString. However, when using the SecureString to authenticate and query a domain with…
SPIONU
  • 1
  • 1
0
votes
1 answer

Securestring and other ways to hiding string data

I recently came across SecureString, but as most of you know, you would be unable to use it because most of the functions you want to use accept string as parameter, not SecureString. How to use SecureString then? If I need to pass string across…
TPR
  • 2,567
  • 10
  • 41
  • 65
-1
votes
1 answer

How to securely display a randomly generated password in WPF

By "securely", I mean in such a way that GC doesn't move it around in memory, copying is kept to a minimum, and it's removed from memory as soon as it's no longer needed. I have the code for generating a random password, but I need to display it and…
mousebyte
  • 61
  • 7
-3
votes
2 answers

A SecureString is safe as global application variable?

I have a an application with a first screen for the login. The password is entered in a password textbox, which is a secure string. My idea it is store this SecureString in a global application variable because I will need it in some actions, so I…
Álvaro García
  • 18,114
  • 30
  • 102
  • 193
1 2 3
14
15