Need direction on storing an application password  
Author Message
Perter





PostPosted: Common Language Runtime, Need direction on storing an application password Top

I find myself in the situation where my winforms application needs to store a password on the local machine. It is a fairly simple standalone application that does not need a database but needs a password stored for access to known hardware. I am familiar with AES and am aware of some of the precautions neccessary to correctly implement AES. AES will let me store and retrieve an encrypted password confidently. Where my knowledge and faith begin to fade is having a good way to implement the key.

I would need to store the encryption key somewhere local in order to be able to decrypt the password. Perhaps the key can be disguised somehow but if someone was able to access the assembly I'm sure ILDASM could be used to figure it out. Obfuscation may help here but we cannot afford any of the good third party tools. (I wish .NET had a better solution in this area!)

Anyways, I would really appreciate any insight or direction.



.NET Development10