Tobias Moe Thorstensen

Reputation: 8981

NetworkCredentials exposes password in plain text

I'm about to create an authentication module in my C#/WPF application. To authenticate the user, I would like to use NetworkCredential to store the credentials.

Credential = new NetworkCredential(credential.UserName, credential.Password);

Where credential.UserName is a string and credential.Password is of the type SecureString. When debugging the application I can see the password in plain text as well as in the SecureString.


Why is the password exposed as plain text? Isn't this a possible security threat?

Thanks for answering.

EDIT:

For the record, the NetworkCredential object shall be used on the WCF client, like this:

client.ClientCredentials.Windows.ClientCredential = Credentials;

Upvotes: 3

Views: 11342

Answers (2)

James Thorpe

Reputation: 32202

The NetworkCredential class internally always stores the password as a SecureString:

    public string Password {
        get {
            // Decrypts the stored SecureString into an ordinary managed string
            ExceptionHelper.UnmanagedPermission.Demand();
            return InternalGetPassword();
        }
        set {
            // A plain-text string assigned here is immediately wrapped in a SecureString
            m_password = UnsafeNclNativeMethods.SecureStringHelper.CreateSecureString(value);
        }
    }

When someone needs to retrieve the password as plain text (which at some point will be needed, either from this class or somewhere further down the chain), it retrieves it from the secure string:

    internal string InternalGetPassword() {
        // Decrypt m_password (a SecureString) into a managed string
        string decryptedString = UnsafeNclNativeMethods.SecureStringHelper.CreateString(m_password);
        return decryptedString;
    }

When using the debugger, it shows the properties, so the value is retrieved from the SecureString.

Upvotes: 14

Luaan

Reputation: 63732

SecureString has nothing to do with encryption! (a gross oversimplification - it's possible it's also encrypted, but that's not all that important here; if you create a SecureString from a normal string, you've already negated plenty of gain of SecureString - short-term)

It's simply a string that can be deterministically deallocated. This is important for security reasons, since .NET strings may be very long lived (for interned strings, the whole life of the application).

NetworkCredential is not used for storing credentials - it's just a simple wagon to get them where they are going - a common API, basically.

Upvotes: 2
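The two answers above describe the same mechanism from different angles: NetworkCredential keeps the SecureString internally but its Password getter decrypts it into an ordinary managed string (which is exactly what the debugger's property evaluation shows), and a SecureString only buys you something if the plain text never lives in a managed string in the first place and is disposed deterministically. The following console program is an added example written for this page, not code from the question, the answers, or the .NET sources. The helper names BuildSecurePassword and CountCharsUnmanaged, the user name "alice" and the sample password "hunter2" are all constructed for the demonstration.

```csharp
using System;
using System.Net;
using System.Runtime.InteropServices;
using System.Security;

// Added example (not from the original page). Shows three things:
// 1. building a SecureString character by character, so the password never
//    exists as a managed System.String on our side;
// 2. that NetworkCredential.Password hands back a plain managed string, which
//    is what the debugger evaluates, while SecurePassword stays a SecureString;
// 3. decrypting a SecureString into unmanaged memory and zeroing it afterwards,
//    which is the deterministic cleanup a managed string cannot offer.
static class SecureStringDemo
{
    // Build a read-only SecureString from a char array and wipe the array.
    // In a real WPF app the characters would come from PasswordBox.SecurePassword
    // or a console read loop; the char[] here is constructed sample input.
    static SecureString BuildSecurePassword(char[] chars)
    {
        var secure = new SecureString();
        foreach (char c in chars)
            secure.AppendChar(c);
        secure.MakeReadOnly();                 // no further modification allowed
        Array.Clear(chars, 0, chars.Length);   // wipe our own copy of the plaintext
        return secure;
    }

    // Decrypt a SecureString into unmanaged memory, inspect it, then zero and free it.
    // Returns the character count, so the caller never sees the plaintext.
    static int CountCharsUnmanaged(SecureString secure)
    {
        IntPtr ptr = IntPtr.Zero;
        try
        {
            ptr = Marshal.SecureStringToGlobalAllocUnicode(secure); // plaintext lives here, UTF-16, NUL-terminated
            int len = 0;
            while (Marshal.ReadInt16(ptr, len * 2) != 0)
                len++;
            return len;
        }
        finally
        {
            if (ptr != IntPtr.Zero)
                Marshal.ZeroFreeGlobalAllocUnicode(ptr); // overwrite with zeros, then free
        }
    }

    static void Main()
    {
        // Constructed sample password; never assigned to a System.String in this program.
        char[] sample = { 'h', 'u', 'n', 't', 'e', 'r', '2' };

        using (SecureString secure = BuildSecurePassword(sample))
        {
            var cred = new NetworkCredential("alice", secure);

            // The Password getter decrypts the stored SecureString into a managed
            // string. From this point the plaintext sits in the managed heap,
            // immutable and reclaimed only when the GC decides to; this is the
            // value the debugger displayed in the question.
            string plain = cred.Password;
            Console.WriteLine("Password getter returned plaintext: " + (plain == "hunter2"));

            // SecurePassword returns a SecureString copy; its contents stay
            // encrypted in memory until code explicitly decrypts them.
            using (SecureString copy = cred.SecurePassword)
            {
                Console.WriteLine("SecurePassword length: " + copy.Length);
                Console.WriteLine("Decrypted-to-unmanaged char count: " + CountCharsUnmanaged(copy));
            }
            // Both SecureStrings are disposed here; 'plain' lingers until collected.
        }
    }
}
```

The practical takeaway matches Luaan's point: the SecureString protects the value only up to the moment something (the Password getter, the debugger, or the network stack further down the chain) asks for it as a plain string. Avoid touching cred.Password yourself, pass the SecureString through APIs that accept it, and treat any plaintext copy you do create as a leak you cannot reliably clean up.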
