SecureString password stored in the database

SecureString is represented as byte [], you can encode bytes, for example. with the bit converter and save the result. In addition, SecureString is encryption, not a hash, because it can be decrypted. (see below)

SecureString is primarily designed to store sensitive data in memory . If you have a service / website, it is not as important as the values ​​that are stored in the database. They should never be plain text, and imo should not be decrypted by your or any administrator. In addition, I'm not sure that another server can decrypt the strings, so you may have a problem when changing the server or in some cluster scenario.

Especially for passwords, it is preferable to use hash algorithms (for example, SHA256 ). They cannot be encrypted (for example, the sum of the digits). If you use the funtion login function, you must encrypt the userinput and compare the hashes of the user and those that are in the database. (see below for more details) I would also suggest adding dynamic criteria, such as a user ID, to hashinput so that 2 users with the same password have different hashes.

With this strategy, you do not have risc with userpasswords, and therefore, if the data is leaked, this will not be a problem at the moment.

Here is a quick overview of using hash algorithms

So (if given a securestring), first decrypt the SecureString

 String SecureStringToString(SecureString value){ IntPtr valuePtr = IntPtr.Zero; try{ valuePtr = Marshal.SecureStringToGlobalAllocUnicode(value); return Marshal.PtrToStringUni(valuePtr); } finally{ Marshal.ZeroFreeGlobalAllocUnicode(valuePtr); } } 

Than a hash it, for example, with SHA256. From this post

  using (SHA256 hash = SHA256Managed.Create()) { Encoding enc = Encoding.UTF8; //the user id is the salt. //So 2 users with same password have different hashes. //For example if someone knows his own hash he can't see who has same password string input = userInput+userId; Byte[] result = hash.ComputeHash(enc.GetBytes(input)); foreach (Byte b in result) Sb.Append(b.ToString("x2")); //You could also use other encodingslike BASE64 } 

Save this hash. Depending on your encoding, this might look like this:

ac5b208b4d35ec79fa7c14b7a31f9c80392cdab2bc58bc5b79bcfe64b044d899

in your database. If the user subscribes, then create a hash from your input and compare it with the hash in the database. if they are equal, then the password is correct. Therefore, you never need to store the plaintext user password anywhere.

If the client makes a hash, then it should absolutize, if not where it exists as plaintext (except for the text field, if it does not support securestring)

PS: this is only one option. But the main thing is to never store text words anywhere. For the best, never know them and do not have any changes to decrypt them.

Another strategy would be to use asymmetric ciphers like RSA , but this can get complicated. If you need help, I would recommend you a special post.

Depending on your requirements and requirements, most of the time hashsums should be an acceptable solution. (But this is not legal advice, as I am not a lawyer)