I am building a website for my brother's company. The most important element on the website is the mail function. It is important that visitors can send emails to my brother using that system. So I used this code:
message.From = new MailAddress("someemail@somedomain.com");
message.To.Add(new MailAddress("emailaddress"));
message.CC.Add(new MailAddress("emailaddress"));
SmtpClient client = new SmtpClient("smtp.live.com", 587);
client.EnableSsl = true;
client.Credentials = new System.Net.NetworkCredential("emailaddress","password");
client.Send(message);
The code is working fine, but there is one problem: I need to fill in my password and I don't want to do that. Is there a way to use something like MD5 hashes (or some other sort of encryption) or something else to secure my password?
SMTP (protocol underlying email) requires that the password be provided in plain text.
You are already securing the communication channel, which should prevent interception of the email password on the wire.
You can place the password itself into an encrypted element of web.config to protect it at rest.
Finally, consider an account used only for this purpose. Forward email from that account to your brother's account. If the password is compromised, delete the account and create a new forwarding account.
Details for the System.Net smtp email objects can be set in the app.config or web.config
http://msdn.microsoft.com/en-us/library/w355a94k(v=vs.90).aspx
IF you set your password in the config file you can then encrypt that section to prevent cursory reading of your password. But ultimately the password needs to be provided as a string.
来源:https://stackoverflow.com/questions/12359445/how-to-secure-password-in-code-c-sharp-email-client