What is equivalent for SecureString in WinRT?

Question

What is equivalent for SecureString in WinRT?

There is no SecureString class in the .NET API for Windows Store applications. Also PasswordBox does not save the password in a safe line. What is equivalent to storing strings in a Windows Store app? Or Windows 8 has some kind of secure mechanism so that others cannot read the application’s memory (or a memory dump after a deliberate failure)

+6

windows-store-apps windows-runtime

Jürgen bayer Dec 29 '12 at 16:39

source share

1 answer

Hans passant · Accepted Answer · 2012-12-29T17:54:45+0000

Not. Misses in the .NET api applications for the store were made either because the class simply could not work in the WinRT application, because it relied on inaccessible OS support, because it was possible to reduce some dead forests within the framework, or because the class was simply plain not makes sense in the Store app.

The absence of a SecureString greatly favors the “no sense” explanation. No attacker will ever encounter the problem of trying to dig a string from a few gigabytes of paging file data. Easy just download your application from the store and use the debugger in the comfort of your own home.

What is equivalent for SecureString in WinRT?

More articles: