Reputation: 53
C# How to store password in application
I am trying to write an app, that will be scheduled to autodownload one page from a Sharepoint server every hour. It is an xml file. Everything works so far, except I do not like storing the password needed to connect to Sharepoint in plaintext in my app. Sample code here:
WebClient client = new WebClient();
String username = "myusername";
String password = "mypassword"
String filename = "C:\\Temp\\" + DateTime.Now.ToString("yyyyMMddHHmmssffff") + ".xml";
client.Credentials = new System.Net.NetworkCredential(username, password);
string credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(username + ":" + password));
client.DownloadFile("myurl", filename);
Is there a way how to make it harder to read my password if someone got the executabe file from my server and disassembled it e.g. with Reflector?
I have found this:
How to store passwords in Winforms application? but I did not really figure out how to use it in my app.
Upvotes: 5
Views: 2355
Answers (2)
Reputation: 157118
In fact you'd better not use passwords. If the service runs under the right credentials, you can use that one by using the DefaultNetworkCredentials:
So in your sample:
client.Credentials = CredentialCache.DefaultNetworkCredentials;
This will get you the credentials of the current network user, like DOMAIN\USER.
Upvotes: 6
Reputation: 54477
If you must store the password with the app, put it in the config file and then encrypt the appropriate section(s) of that using Protected Configuration.
Upvotes: 1
Related Questions
- Securely store a password in program code?
- Securely store a password in the application in C#
- Store password securely and retrieve it later
- Is it secure to store password in C# code?
- Any way to store a password securely in an application
- Password storage in code. How to make it safe?
- how to store database password
- How to keep Encryption Password inside of the application?
- Store password in application
- Where to store password in runtime?