This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 4%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKK%3C/text%3E%3C/svg%3E)
How can I securely store sensitive information such as tokens and keys for my .NET application in the operating system? While Credential Manager is a great option for Windows, I'm having trouble finding a code solution that works with keyring on Linux.
I tried using libsecret-1 and gnome-keyring but I found it hard to set up and have it automatically run/start when the user logs in. It relies to gui to login to keyring but I want support for distros with no gui. Tested this project.
Something I could utilize was pass which was easy to setup and use in terminal but couldnt find a library to manipulate it through code.
I have not make any search for macOS, but I think keyring is an option also(?).
Is there any better solution? The app uses SQLite which I dont know if it is possible to be encrypted or how secure the encryption is.
My application is developed using v4.7.1 of .NET.
Thanks for posting your question in the Microsoft Q&A forum.
I suggest storing this data in the database in a hashed format and loading it into memory when the application starts up for faster access. For updating the information, you can implement a handler to detect changes in the database and update the corresponding data in memory accordingly.
Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful
Hi Hossein,
Thank you for your suggestion and for taking the time to respond to my query.
I understand the security benefits of using hashing for storing sensitive data. However, since hashing is a one-way operation, it poses a challenge for my specific use case. For authentication purposes, I need to retrieve the original tokens in their unaltered form, which isn't possible with hashing, as it's not reversible.
In my scenario, encryption seems more appropriate than hashing because it allows the data to be securely stored and then accurately retrieved in its original form. This is crucial for the tokens and keys my application uses for authentication purposes.
I've been exploring secure storage solutions like Windows Credential Manager and considering similar mechanisms for Linux and macOS, such as GNOME Keyring and Keychain, respectively. However, I've encountered some challenges with platform-specific solutions, especially in non-GUI Linux environments.
If you have any recommendations or advice on cross-platform secure storage solutions or best practices for implementing encryption in this context, I would greatly appreciate it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
on linux most of the keyring apps are written in python. you might do better executing the cli. while not done on windows, unix was designed to call executables and it is fast. granted the .net code for this is more complex than the unix code
FILE *fp; /* command output stream */
char *command; /* command contains the command string (a character array) */
/* If you want to read output from command */
fp = popen(command,"r");
/* read output from command */
fscanf(fp,....); /* or other STDIO input functions */
fclose(fp);
on MacOs and IOS you use the KeyChain to store secrets.
import KeychainAccess
let keychain = Keychain(service: "com.example.myapp")
try keychain.set("secret data", key: "secret_data")
let value = try keychain.get("secret_data")
print(value)
android has a Keystore system.