How to use Type Secure Text

Hey @atevis

You can get an easy understanding from what @Florent_Salendres Mentioned.
I am just here adding some things for your understanding to get about secure string.

Secure String

Represents text that should be kept confidential, such as by deleting it from computer memory when no longer needed. This class cannot be inherited.

SecureString is a string type that provides a measure of security. It tries to avoid storing potentially sensitive strings in process memory as plain text. The value of an instance of SecureString is automatically protected using a mechanism supported by the underlying platform when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the MakeReadOnly method.

The maximum length of a SecureString instance is 65,536 characters.

For More Info - SecureString Class

A SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is pinned in memory so to get secure string as a string you can Use the

Because the operating system does not directly support SecureString, you must convert the value of the SecureString object to the required string type before passing the string to a native method. The Marshal class has five methods that do this:
Marshal.SecureStringToBSTR, which converts the SecureString string value to a binary string (BSTR) recognized by COM.

Marshal.SecureStringToCoTaskMemAnsi and Marshal.SecureStringToGlobalAllocAnsi, which copy the SecureString string value to an ANSI string in unmanaged memory.

Marshal.SecureStringToCoTaskMemUnicode and Marshal.SecureStringToCoTaskMemUnicode, which copy the SecureString string value to a Unicode string in unmanaged memory.

Each of these methods creates a clear-text string in unmanaged memory. It is the responsibility of the developer to zero out and free that memory as soon as it is no longer needed. Each of the string conversion and memory allocation methods has a corresponding method to zero out and free the allocated memory:

Convert Secure String to String

But there is one more thing as a one liner and good as well.

Network Credential Class

String to SecureString

SecureString secure_str = new NetworkCredential(String.Empty, “AkshPass”).SecurePassword;

SecureString to String

String s = new NetworkCredential(String.Empty, secure_str).Password;

Secure String Sample.xaml (5.9 KB)

Regards…!!
Aksh

27 Likes