Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
In many Application’s i had Cases where i should write Username and Password’s in my Application inside the Class ,like HTTP Authentication ,FTP Authentication MSSQL Server Connection String also Provides Authentication Information’s ,so which is the Best way to protect these Information’s because someone could Decompile my Application easily maybe using Reflector and get these Information’s which can be useful for some Attack’s or something like that .
Bests
Can you explain more specifically what your general goal is? Usually there’s better designs than hard coding passwords and authentication tokens.
There’s really nothing you can do to protect those secrets if you are distributing your application. Even encrypting your config files, the application still needs the key to decrypt, so your attacker has all they need.
You can choose other designs though, such as prompting a user for their own unique password, and then making database calls against a web service, rather than distributing an application that connects directly to a central database. But you’d have to explain the scenario for a better recommendation.