I’ve a winforms application that is using SQLite database. There is no encryption on the database (data has to be shared with other user). It is a stand alone application with a stand alone local database.
The difficulty I’m encountering is when people go to bring all the data together. The databases are attached, data imported, but records are differentiated by a database GUID.
At any rate I am desiring to have a database selection screen that is protected by a password to prevent users mistakenly switching databases (and some level of protection against malicious use).
Thinking it’s probably not a particularly good idea to store the password in an unecrypted database. Security is not a large issue as this is only distributed to users that need the software.
What would be the best method to have the user type a password when they attempt to access the database selection screen? ShowDialog? Pop open a new child form with a password TextBox, then on validation (via button?) close the password form and open the protected form?
I see a fair bit about protecting a whole application, but not so much about a specific form.
I think that your best option is to show a dialog (could be as simple as an input box or a whole form) immediately before the call to show the form.
In my mind, it is always best to intercept the action as close to point of origin as possible. This prevents you from having to open and shut the form and, in general, I think provides a better user experience.