I am storing account data for my application in the “application data” local directory. I am curious to understand the proper (or a correct) way to secure this file.
As it stands, it’s a simple text file. Can I simply zip it with AES 256-bit encryption? Is that safe enough? Of course, then inside my program I need to store the key, so is this a risk?
What’s the best method?
Cheers,
Adrian
You might want to consider the DPAPI (Data Protection API). This SO answer explains some scenarios you can use it for (user data, program data).
Don’t go invent your own encryption algorithms, and give the storage of your encryption keys some good thought: that is often the weakest point in the whole security chain.
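An added example, not part of the original answer: a C# sketch of the DPAPI approach suggested above, using .NET's `ProtectedData` class so the application stores no key of its own. The app name, file name and entropy string are assumptions made for illustration; on .NET Core and later the class comes from the `System.Security.Cryptography.ProtectedData` package, on .NET Framework from the `System.Security` assembly.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

static class AccountStore
{
    // Hypothetical app and file names, chosen for this example.
    static readonly string StorePath = Path.Combine(
        Environment.GetFolderPath(Environment.SpecialFolder.LocalApplicationData),
        "ExampleApp", "accounts.dat");

    // Optional secondary entropy. It is not a secret key; it only separates
    // this blob from other DPAPI blobs created under the same user.
    static readonly byte[] Entropy = Encoding.UTF8.GetBytes("ExampleApp.accounts.v1");

    public static void Save(string accountData)
    {
        byte[] plain = Encoding.UTF8.GetBytes(accountData);
        try
        {
            // CurrentUser scope: Windows derives the key from the user's logon
            // credentials. Any process running as that user can still unprotect.
            byte[] blob = ProtectedData.Protect(plain, Entropy, DataProtectionScope.CurrentUser);
            Directory.CreateDirectory(Path.GetDirectoryName(StorePath));
            File.WriteAllBytes(StorePath, blob);
        }
        finally { Array.Clear(plain, 0, plain.Length); } // do not leave plaintext in the buffer
    }

    public static string Load()
    {
        if (!File.Exists(StorePath)) return null;
        try
        {
            byte[] plain = ProtectedData.Unprotect(
                File.ReadAllBytes(StorePath), Entropy, DataProtectionScope.CurrentUser);
            return Encoding.UTF8.GetString(plain);
        }
        catch (CryptographicException)
        {
            // Blob was modified, or was created by another user or on another machine.
            return null;
        }
    }

    static void Main()
    {
        Save("alice:constructed-sample-token"); // constructed sample data
        Console.WriteLine(Load() ?? "could not unprotect");
    }
}
```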