12.17. Work with Security-Sensitive Strings in Memory
Problem
You need to work with sensitive string data, such as passwords or credit card numbers, in memory and need to minimize the risk of other people or processes accessing that data.
Solution
Use the class System.Security.SecureString to hold the sensitive data values in memory.
How It Works
Storing sensitive data such as passwords, personal details, and banking information in memory as String objects is insecure for many reasons, including the following:
String objects are not encrypted.
The immutability of String objects means that whenever you change the String, the old String value is left in memory until it is dereferenced by the garbage collector and eventually overwritten.
Because ...
Get Visual Basic 2008 Recipes: A Problem-Solution Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.