Why I should use SecureString over string?

Question

Exploring an existing project, I just came to this code. Questions came to mind is, when and why I should use SecureString over string? What are the benefits it provides?

public interface IAuthenticationService
{
    bool Login(string username, SecureString password);
}

Note: My point of interest is to simply know the additional benefits SecureString provides over string.

Answer 1

The purpose is to avoid the password(or so called sensitive sting) to be stored in memory as plain text. That would make the application potentially vulnerable. However it could not be generally possible as the string at the end have to be transferred to plain text by framework itself. So what SecureString actually does is shortening that period when sensitive string is kept in the memory.

However it is kind a obsolete and not recommend anymore for the new development, link.

Answer 2

As the close answers above or below (great minds think alike :)) there is alink why Secure string over string class and there is a link why you should avoid to use it.

Answer 3

Secure strings were introduced to provide more protection for storing string which needed security (e.g. passwords).

At a simple level secure string work by encrypting the content of string and storing that in the memory. However this encryption will happen only on dot net framework.

For new development using this to secure important information is not advised.

Details about the class are available at: Secure Strings

Answer 4

As its name suggests, its main purpose is to provide security. Normally the strings/texts with sensitive information (like credit cards, passwords, etc.) that should be kept confidential are stored in SecureString variable. This string gets deleted from computer memory when no longer needed. The value of an instance of SecureString is automatically protected using a mechanism supported by the underlying platform when the instance is initialized or when the value is modified.

A SecureString object is similar to a String object in that it has a text value. However, the major difference is as follows-

String It is not possible to predict when an instance of the System.String class will be deleted from computer memory. So, if a String object contains sensitive information, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.

SecureString The value of a SecureString object is pinned in memory and it automatically provides encryption, ability to mark as read-only, safe construction by NOT allowing a constant string to be passed in