securestring

问题 I wonder if there are any implicit assumptions that I've taken that may make the code malfunction? There is a reason I want to avoid using Import-Clixml cmdlet? Hence, I've developed an alternative, i.e. a sequence of command that is aimed to extract username and password from CliXml file created with Export-Clixml. It works by now but I'm not sure if for instance the splitting solution is reliable. $credFileUriBld = [UriBuilder]::New('file','localhost',-1,"MyCredentials.xml")) $credFile =

问题 I wonder if there are any implicit assumptions that I've taken that may make the code malfunction? There is a reason I want to avoid using Import-Clixml cmdlet? Hence, I've developed an alternative, i.e. a sequence of command that is aimed to extract username and password from CliXml file created with Export-Clixml. It works by now but I'm not sure if for instance the splitting solution is reliable. $credFileUriBld = [UriBuilder]::New('file','localhost',-1,"MyCredentials.xml")) $credFile =

问题 I have been writing a little program for myself using C# that I can use to store my passwords and then retrieve them for viewing/editing. While the passwords are stored to disk in an encrypted format, when they are read into memory for display/editing on a form, they are unencrypted. I have learned that having unencrypted passwords in memory is a pretty big security problem, so I came across the SecureString class. Would there be a more secure way to do this than using the SecureString class,

问题 In the small application that I'm currently developing for a customer I need to ask the user for his windows login username, password and domain and then use those with System.Diagnostics.Process.Start to start an application. I have a textbox with UseSystemPasswordChar to mask the entered password. I need a System.Security.SecureString to feed the password to System.Diagnostics.Process.Start . How do I convert the entered text to secure string while not doing it one character after another?

问题 WPF's PasswordBox returns a SecureString, which hides the password from snoopers. The problem is that you eventually have to get the value of the password, and the suggestions I've found on the net all involve copying the value into a string, which gets you back to the problem of snoopers. IntPtr bstr = Marshal.SecureStringToBSTR(secureString); string password = Marshal.PtrToStringBSTR(bstr); Marshal.FreeBSTR(bstr); But if you really think about it, you don't really need the value, as a

问题 I have an existing SecureString that I would like to put into a PasswordBox without revealing the .Password . Can this be done? For example: tbPassword.SecurePassword = DecryptString(Properties.Settings.Default.proxyPassword); In this case DecryptString produces a SecureString. However, SecurePassword is a read-only property so I can't assign a value to it. 回答1: You can't. However, what you can do is put placeholder text in it's place (it can even be "placeholder" , we are only using it to

问题 Is it possible to concatenate a secure string with variables and unsecure strings in PowerShell? I have a formula that is used for local administrator passwords in our standalone environment (no domain). I would like to store part of that formula in a file securely, then get that, convert it to a regular string, and concatenate it with another object and another string to form the password. My intent is not to expose our formula in plain text in the workflow that I am putting together. Is

问题 I have a SecureString in my C# code that I need to pass into a DLL. I would prefer to not do a Marshalling as it seems that when this occurs the SecureString is unencrypted (and hence not secure anymore). So the question is whether or not there is a C# SecureString equivalent in C++ so that I can pass the SecureString from my C# code into the C++ DLL ... or if there is a better/different way such that I do not need to unencrypt the SecureString to pass it to the DLL. 回答1: Assuming your C++

问题 I've a general question about a SecureString as connection string for MySql-Connector. If i understood it right, SecureStrings are a "safe" way to store strings within my program. Now i've two problems with that: I've to read in the password at installation ( TextBox which is string and therefore unsafe) I've to build a connection string for the MySQL-Connector which is string (unsafe again) example: MySqlConnection con = new MySqlConnection(); MySqlConnectionStringBuilder builder = new

问题 I've a general question about a SecureString as connection string for MySql-Connector. If i understood it right, SecureStrings are a "safe" way to store strings within my program. Now i've two problems with that: I've to read in the password at installation ( TextBox which is string and therefore unsafe) I've to build a connection string for the MySQL-Connector which is string (unsafe again) example: MySqlConnection con = new MySqlConnection(); MySqlConnectionStringBuilder builder = new