如果我将密码作为字符串而不是安全字符串传递，是否总是不安全？

Question

I have just a general question: I don't quite understand when i have to use a secure string and when it is ok to use a normal string.

For example lets say i want to use PrincipalContext in my application.

PrincipalContext has multiple Constructors, few of which accept a password as a string.

PrincipalContext(ContextType type, String name ,String username, String password)

Would it cause a security problem if i pass a password as a string in this constructor? Would the password be visible in plain text anywhere? Could a hacker theoretically read this password?

Would there be a way to use a secure string instead?

I am new to the security part of programming, so i would really appreciate if someone could help me understand this.

Thank you!

Answer 1

If your environment (GUI, storage, data access objects, ...) supports SecureString , then keep the passwords in SecureString as long as you can (all the way if possible). If not, there is no other choice as to use a string .

Using SecureString is an advantage, because the app can control the memory containing the password and can clean it up if not used anymore (a string depends on the garbage collector). On the other side it gives an attacker a clue of where to look for interesting information, though with having access to the memory already this seems not to be a big thing.

To answer your question, no it doesn't make your application unsecure, but if there is the possibility to keep the password in SecureString all the way, it should be done.

Answer 2

Strings are immutable and can be accessed when some other process dumps it before the Garbage collection handles it.

Reference link .