[英]How to store FTP credentials securely in C# application?
I am developing a C# WPF application in which the user generates an image and then the app uploads it to a webhosting using FTP connection. 我正在开发一个C#WPF应用程序,其中用户生成图像,然后该应用程序使用FTP连接将其上传到虚拟主机。 The credentials for the FTP connections are always the same and are currently stored simply in the source code.
FTP连接的凭据始终相同,并且当前仅存储在源代码中。 I know that using .NET Reflector, a hacker can very easily obtain the username and password for the FTP connection.
我知道,使用.NET Reflector,黑客可以很容易地获得FTP连接的用户名和密码。 How and where could I store these credentials to be secure from decompilation?
如何以及在何处存储这些凭据以防反编译? Or is there a better way instead of using FTP to upload the file?
还是有更好的方法来代替使用FTP上传文件?
You cannot allow a user access to a program that itself knows credentials which you don't want the user to know. 您不能允许用户访问本身知道您不希望用户知道的凭据的程序。 The user will always be able to eventually extract the credentials from the program.
用户将始终能够最终从程序中提取凭据。 You may be able to slow them down, but the usual copy-protection calculus applies:
您可能可以放慢它们,但是通常的复制保护演算适用:
Depending on your relationship to the user and the computer they are using, you have some alternatives: 根据您与用户和他们使用的计算机之间的关系,您可以选择以下方法:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.