I am writing a .NET (C#) Windows application to store user passwords in it, like KeePass, LastPass, RoboForm etc.
To process the user data I have to keep it in memory; this data also contains the user's passwords.
Now my questions are:
- Can someone read the Memory Data using some tool or memory dump?
- If yes, then how? Can someone share such a tool? I tried with the CurrProcess, HeapViewer, ProcessExplorer and ProcessView applications but can't find any private data in the memory dump.
- Do I need to learn something else to ensure the protection of in-memory passwords?
Thanks
Yes, there exist tools that capture all physical memory (and the pagefile) for further investigation. They are called “forensic” and you can find some by adding this keyword to your searches. If you want to capture memory in your code (i.e. write such a program yourself), this is possible using our RawDisk product.
As for protecting your passwords, Kobi mentioned the SecureString class, which is supposed to securely store strings in memory. While this class is not 100% protection (the password is decrypted anyway when you use it), it makes password capture much less likely.