Home/ Questions/Q 584253
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T14:52:42+00:00

i’m developing a .net winforms desktop application intended to be run at several bank’s

  • 0

i’m developing a .net winforms desktop application intended to be run at several bank’s branches as a backup application whenever the main one (a web application) is unavailable due to connection issues with the bank’s central node. The branchs themselves don’t count with any enterprise services besides a SQL-Server database. For that reason, the application should be able to connect directly to the SQL-Server. My problem arises when I have to provide the application with a password to connect to the database:

1) Storing the password in clear text in a app.config file or similar is not an option (the customer requires the password to be encrypted)

2) Storing the password encrypted in a configuration file leads to the need of having an encryption key locally available. The encryption key could be just hardcoded in the application’s code, but it would be easily readable by using a .net-decompiler or similar.

3) Using a custom algorithm to encrypt/decrypt wouldn’t work either due to the same reasons as 2).

4) Integrated security is not supported by the bank

Additionally, the customers requires that they should be able to change the password in one location (within a branch) without the need to go from one computer to another updating config files (that rules out the possibility of using the machine’s key to encrypt the password in individual machine’s config files like asp.net does)

Would you provide any other approach or suggestion to deal with this problem?
I would appreciate any help.
Thanks in advance,
Bernabé

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t think that encyrpting the password by any means is going to solve your problem. If the user has to send the password to server, and the password is located on the box, then by definition the user running the application must have access to the password and be able to decrypt it. Otherwise, you wouldn’t be able to authenticate them. This means that there will always be a way for the user to get at the password, regardless of where you store it.

    I can think of 2 ways that could possibly work, but I’m afraid they’re not exactly what you’re looking for.

    1. Remove the requirement of having the
      user send the password to the server
      by using some sort of local proxy
      (for example using a WCF windows
      service) to take your winform
      requests and then send them on your
      behalf to the DB server. If you
      install the service using an account
      different from the user’s account,
      then you can secure the password by
      any of the means mentioned in the other
      answers. They key here is to make
      sure the application user does not
      have access to the resources that
      the service account needs to decrypt
      the password.
    2. Don’t store the password in the web config. Assign each user a different user account and password at the database level and have them type it in when they log in.
    • 0