Securely store a password in program code?

我在风中等你 2021-01-02 03:12

My application makes use of the RijndaelManaged class to encrypt data. As a part of this encryption, I use a SecureString object loaded with a password which gets con

5 answers
  •  灰色年华
    2021-01-02 03:45

    Let me tackle your final question first.

    "Would this be secure enough?"

    The only one that can answer that is you. Nobody here knows what "secure enough" means in the context of your application.

    Are you building an application to keep the diary of teenage girls? Sure, it would be "secure enough".

    Are you building an application to encrypt information or authentication for military grade secure systems? Nope, not even close.

    You can only rely on one type of security if you intend to store the password in your source code and thus executable, and that is security by obscurity.

    If your problem is that you can't, or won't, store the password in the source code, then moving it into a separate dll solves nothing, you've just moved the problem to a different project.

    However, I'm wondering about something. You say "I have to default to something". Is that it? You're trying to store a default value for the secure password string in the source code? How about "THISISNOTAPASSWORD"?
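
The answer's point that a separate dll only moves the problem, as an added example that is not part of the original answer: a pre-release check that scans build artifacts for a readable password literal. It assumes .NET string literals are stored as UTF-16LE; the file names and byte blobs are constructed, and the sample literal is the one quoted in the answer.

```python
from __future__ import annotations
import re

SECRET = "THISISNOTAPASSWORD"  # sample literal taken from the answer above

def extract_strings(blob: bytes, min_len: int = 6) -> list[str]:
    """Printable runs in a binary, read as ASCII and as UTF-16LE."""
    ascii_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    # Assumption: .NET keeps string literals as UTF-16LE (user-string heap),
    # so each printable character is followed by a 0x00 byte.
    wide_re = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_re.finditer(blob)]
    found += [m.group().decode("utf-16-le") for m in wide_re.finditer(blob)]
    return found

def artifacts_exposing(artifacts: dict[str, bytes], secret: str) -> list[str]:
    """Names of build artifacts in which the secret can be read directly."""
    return [name for name, blob in artifacts.items()
            if any(secret in s for s in extract_strings(blob))]

def fake_assembly(literal: str | None) -> bytes:
    """Constructed stand-in for a compiled assembly; not a real PE file."""
    padding = b"\x00\x01\x02\x03" * 8
    body = literal.encode("utf-16-le") if literal else b""
    return b"MZ" + padding + body + padding

# Constructed build output with hypothetical file names.
BUILD = {
    "App.exe": fake_assembly(SECRET),      # literal in the main project
    "Secrets.dll": fake_assembly(SECRET),  # literal moved to a separate dll
    "NoLiteral.exe": fake_assembly(None),  # control: no embedded literal
}

if __name__ == "__main__":
    for name in artifacts_exposing(BUILD, SECRET):
        print(f"{name}: password literal is readable in the binary")
```

Both the main executable and the separate dll are reported, while the artifact without an embedded literal is not.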
