Visual Basic 2008 Recipes: A Problem-Solution Approach

12.17. Work with Security-Sensitive Strings in Memory

Problem

You need to work with sensitive string data, such as passwords or credit card numbers, in memory and need to minimize the risk of other people or processes accessing that data.

Solution

Use the class System.Security.SecureString to hold the sensitive data values in memory.

How It Works

Storing sensitive data such as passwords, personal details, and banking information in memory as String objects is insecure for many reasons, including the following:

String objects are not encrypted.
The immutability of String objects means that whenever you change the String, the old String value is left in memory until it is dereferenced by the garbage collector and eventually overwritten.
Because ...

Get Visual Basic 2008 Recipes: A Problem-Solution Approach now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Visual Basic 2008 Recipes: A Problem-Solution Approach by Todd Herman, Allen Jones, Matthew MacDonald, Rakesh Rajan

12.17. Work with Security-Sensitive Strings in Memory

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly