SecureString support?
Closed this issue · 4 comments
Microsoft has implemented the SecureString class in an effort to provide better security with sensitive information (like credit cards, passwords, etc.). It automatically provides:
- encryption (in case of memory dumps or page caching)
- pinning in memory
- ability to mark as read-only (to prevent any further modifications)
- safe construction by NOT allowing a constant string to be passed in
Could this be useful for password handling in OpaqueMail? Obviously the old constructors that accept a normal string should remain for compatibility.
Hi beppe9000, thanks for the feedback.
SecureString is a great idea in theory, although it has limitations in practice. Check out this StackOverflow thread, which explores the pros and cons.
In short, SecureString can lull developers into a false sense of security if they mistakenly convert SecureString to or from managed strings (since the raw password will be stored in memory). While that shouldn't ever happen, there's a lot of source code online that tells users how to do just that.
I'm open to adding a SecureString constructor. Please feel free to submit a pull request. Thanks!
Hi beppe9000, I went ahead and added support for SecureString in the constructors of ImapClient and Pop3Client as of release 2.4.0. SmtpClient can also utilize SecureString via the default NetworkCredential constructor. Thanks again for the suggestion.
Good to know! I will certainly make use of them next time I can.