Is there is a best practices way to store credentials in a .NET Windows application, be it be a built in API or just a recommend encryption algorithm?
Along the same lines as Tortoise SVN, Spotify and Skype.
Edit: My intention is to use a web service that returns a token from it's authentication service. The other services then accept that token as a parameter. However, the token expires after 30 minutes so storing the token itself it pointless for this task.
It appears that using ProtectedData (which wraps the Windows Data Protection API ) is my best bet, as it has the option to encrypt based on the currently logged in user.
byte[] dataToEncrypt = new byte[] { ... };
// entropy will be combined with current user credentials
byte[] additionalEntropy = new byte { 0x1, 0x2, 0x3, 0x4 };
byte[] encryptedData = ProtectedData.Protect(
dataToEncrypt, additionalEntropy, DataProtectionScope.CurrentUser);
byte[] decryptedData = ProtectedData.Unprotect(
encryptedData, additionalEntropy, DataProtectionScope.CurrentUser);
最佳做法是永远不会存储凭据,只有Kerberos令牌......遗憾的是,并非每个资源都允许这样的身份验证。
There are a whole lot of recomendations re passwords in MSDN. You're going to need to find a managed wrapper for CryptProtectData
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.