2,892 questions
How to hardcore important strings in code?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(115.19999999999999, 77%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPV%3C/text%3E%3C/svg%3E)
Peter Volz
1,295
Reputation points
Hello,
My question only applies to VB.net WinForms GUI only apps, inside the code, I need to store and pass the expensive license keys to SDKs, store my own passwords for WebClient.Credentials etc.
Rather than encrypting strings done by the obfuscator at the end, is there anything on my own?
Microsoft says DE0001: SecureString shouldn't be used. Don't use SecureString for new code.
But that's for .NET and didn't mention what about .Net Framework 4.x ?
Thanks in advance for any valuable tips :)
https://github.com/dotnet/platform-compat/blob/master/docs/DE0001.md
Developer technologies VB
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2024-02-20T12:58:50.4533333+00:00 Hi Are you asking about Encrypting Strings? I am thinking about having a set of Encoded strings in My.Settings which are useless unless a specific Key is provided to Decrypt them. I have previously used such a method without issues.
-
Dewayne Basnett 1,381 Reputation points2024-02-20T18:54:41.17+00:00 Les, is the key stored externally?
-
Anonymous
2024-02-20T22:03:19.6+00:00 Hi The key could be stored or used in any way needed. The way I used it was to not store it as all and the user was given it completely separately (of course, what the user then did was another matter). It worked well in the type of project in this instance, the user could subsequently edit it to whatever was wanted.
It is the old subject of how best to protect data and the law of diminishing returns where the cost/effort gets so prohibitive that it really isn't feasible. In my case, email was sufficient. If somebody was to intercept some random emails and the be able to associate what they thought might be a password with an unknown bit of software then good luck to them.
Sign in to comment
Sign in to answer