Advice in storing sensitive data in Windows Form Application vb.net c#

Question

I'm currently working on a Windows Application Project and I have two problems in securing data.

First,I need to make a file that store a password as string which the user should enter it every time the main form loads, I tried many ways but each one has a problem:

1. Hashing the string and save it in a file, so every time user enter the password the input password will be hashed and compared with the hashed string

   Problem: Decompiling the application let anyone see the hashing method and file location, so he/she can create text file with hashed value of any string like 0000 and replace that file with my application file, then use the 0000 to open the application

2. Using encryption algorithm with custom encryption key

   Problem: key can be accessed after Decompiling the application

---

The other problem is for connection string of an online MySql Database that used in the application but I do not want any user see the connection string:

1. Encrypting the connection string with DataProtectionConfigurationProvider

   Problem: other machines can't decrypt and use the string

2. Encrypt and save the connection string in a file and decrypt and use that file when application load

   Problem: Decryption method can be known from source code after Decompiling

Is there anyway I can use except Obfuscating the source code? I mean like storing these sensitive data in a file that can be read/written by my application only?

Feel free to write any advice about my problems and Thanks in advance

Answer 1

Try to save your files with hashed passwords in the web with read-only permissions. Or use dll written using unmaneged code (c++)