Last post Feb 25, 2019 01:55 PM by da.3vil.coder
Feb 24, 2019 04:40 AM | da.3vil.coder
I am currently writing an Authentication Server and have gone back and forth on whether or not to use a SecureString vs a regular String for the password while in memory. While I am well aware that you want to keep sensitive data out of memory, as it can be copied and written to the hard drive swap file, it seems almost useless to use. Let me explain.
You have your web application that collects the username and password, then passes that on to our WebApi. Once received, the WebApi has to run its validation logic against the password; as part of this validation logic, I must check to see if the provided password matches the stored password. Obviously the stored one will be a hash of some sort; however, I must get access to the actual string in order to transform it into the hash. At that point, we're back to square one. The password is now in memory, which I can't clear as C# is a managed language. In this particular scenario, at least you can say that you've reduced the amount of time that the regular string has lived in memory, so there could be fewer copies of it around. However, there are other scenarios, like creating and changing your password, where the regular string would be in memory for a lot longer.
What I'm curious to know is if anyone is using SecureStrings for their passwords and, if so, what advice/recommendations can you provide? Is reducing the amount of time the string resides in memory the best that we can do in C#?
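As an added illustration of the approach the original poster describes (decrypt the SecureString only for the hashing step, then scrub every buffer the code itself created), here is example C# that is not from the thread or its participants. It assumes PBKDF2 with SHA-256, salt/hash/iteration values picked for the example, and the `CryptographicOperations` type available in .NET Core 2.1 and later; the `FromChars` helper builds the SecureString from a literal purely so the demo is self-contained.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
using System.Text;

// Added example, not code from the thread. The SecureString is decrypted only
// for the hashing step, into buffers this code controls and scrubs afterwards.
// Requires .NET Core 2.1+ / .NET 5+ for CryptographicOperations.
public static class SecurePasswordHasher
{
    // Hypothetical parameters chosen for this example.
    private const int SaltSize = 16;
    private const int HashSize = 32;
    private const int Iterations = 100_000;

    // Derives a PBKDF2-HMAC-SHA256 hash of the password held in a SecureString.
    public static byte[] Hash(SecureString password, byte[] salt)
    {
        IntPtr unmanaged = IntPtr.Zero;
        char[] chars = null;
        byte[] utf8 = null;
        try
        {
            // Decrypts the SecureString into an unmanaged UTF-16 buffer.
            unmanaged = Marshal.SecureStringToGlobalAllocUnicode(password);
            chars = new char[password.Length];
            Marshal.Copy(unmanaged, chars, 0, chars.Length);

            // The KDF needs bytes; re-encode as UTF-8 so the stored hash does
            // not depend on the platform's wide-char representation.
            utf8 = Encoding.UTF8.GetBytes(chars);

            using (var kdf = new Rfc2898DeriveBytes(utf8, salt, Iterations, HashAlgorithmName.SHA256))
            {
                return kdf.GetBytes(HashSize);
            }
        }
        finally
        {
            // Scrub every plaintext copy this method created. Any copy the KDF
            // made internally is outside our control: that is the limitation
            // the thread is discussing.
            if (unmanaged != IntPtr.Zero)
                Marshal.ZeroFreeGlobalAllocUnicode(unmanaged);
            if (chars != null)
                Array.Clear(chars, 0, chars.Length);
            if (utf8 != null)
                CryptographicOperations.ZeroMemory(utf8);
        }
    }

    public static byte[] NewSalt()
    {
        byte[] salt = new byte[SaltSize];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(salt);
        return salt;
    }

    // Compares in constant time so a partial hash match does not leak via timing.
    public static bool Verify(SecureString candidate, byte[] salt, byte[] storedHash)
    {
        byte[] computed = Hash(candidate, salt);
        try
        {
            return CryptographicOperations.FixedTimeEquals(computed, storedHash);
        }
        finally
        {
            CryptographicOperations.ZeroMemory(computed);
        }
    }

    // Builds a SecureString one character at a time, as a client reading key
    // presses would. Taking a String here is for the demo only.
    public static SecureString FromChars(string plaintextForDemoOnly)
    {
        var s = new SecureString();
        foreach (char c in plaintextForDemoOnly)
            s.AppendChar(c);
        s.MakeReadOnly();
        return s;
    }

    public static void Main()
    {
        // Constructed demo input; a real client would never hold it as a String.
        using (SecureString pw = FromChars("correct horse battery staple"))
        using (SecureString wrong = FromChars("correct horse battery stapl"))
        {
            byte[] salt = NewSalt();
            byte[] stored = Hash(pw, salt);   // what the server would persist
            Console.WriteLine(Verify(pw, salt, stored));
            Console.WriteLine(Verify(wrong, salt, stored));
        }
    }
}
```

What this buys is exactly what the first post says and no more: the plaintext lives in memory only for the duration of `Hash`, and the copies this code made are zeroed before it returns. The copy the KDF holds internally, and any managed buffer the garbage collector relocates before it is cleared, remain outside the caller's control.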
Feb 25, 2019 08:07 AM | Wei Zhang
In fact, compared with a regular string, SecureString has one fundamental advantage: the user can delete it from computer memory when it is no longer needed.
However, when you use it in a web application, if anyone other than someone with administrator privileges has a way to read the memory on your server, SecureString is of no use. Furthermore, he has no need to get the SecureString, because he could get the sensitive information by intercepting the HTTP request. Of course, the firewall provides a security system for your memory.
So even if it has little meaning for security, it also provides some protection for your password. SecureStrings are the first step in solving a chicken-and-egg problem, so even though most current scenarios require converting them back into regular strings to make any use of them at all, their existence in the framework now means better support for them in the future, at least to the point where your program doesn't have to be the weak link.
Here are some links you could learn from; I hope they help you.
Feb 25, 2019 01:55 PM | da.3vil.coder
Thank you for the response; it reaffirms the conversations I've been having with other colleagues on the subject. What they have told me is that SecureString is mainly for client-side applications and for times when you're holding sensitive information to send to a third party. They too made reference to security on the server being the primary factor, and that if someone has physical access, then a SecureString won't stop them.