Alma
Reputation: 31
Alternatives to SecureString?
I want to use SecureString to store some confidential data.
But I saw remarks
We don't recommend that you use the SecureString class for new development.
So I would like to know if there are alternatives to SecureString?
Upvotes: 1
Views: 1205
Answers (1)
evilGenius
Reputation: 1101
Recommendation
Don't use SecureString for new code. When porting code to .NET Core, consider that the contents of the array are not encrypted in memory.
The general approach of dealing with credentials is to avoid them and instead rely on other means to authenticate, such as certificates or Windows authentication.
https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md
Upvotes: 4
Related Questions
- How to protect strings without SecureString?
- Is SecureString ever practical in a C# application?
- Using SecureString
- Configuration with a SecureString actually secure?
- SecureString for storing in memory and presenting passwords? Or something else?
- Alternative to SecureString on a .net Standard library?
- Securing a password input in c# dotnet core console app
- Is SecureString secure?
- How do I use SecureString securely?
- Considerations in building a Secure string type