Hi
I was just looking for a way to encrypt passwords on my app since a user would be using their passwords for various 3rd party accounts and obviously i dont want them compromised.
I stumbled one of jmcilhinneys code bank examples using SystemManagement to write connectionstrings and appsettings to a config file and then encrypting it, it looks perfect so i was digging around msdn for more info, as usual more then i can take at this hour on msdn, so i went back to the example jmcilhinney left and it all looks quite simple, i was thinking though what the relationship between My.Settings and SystemManagement. i never tried either as i never needed to until now.
for now im going to use the example by jm and modify it, i already referenced system.management, is there anything else missing?
then all i need to do is add the encryption code
i noticed that the configurationsavemode is different here, is it better i keep these 2 blocks of code seperate or can i join them together?
and should i encrypt it everytime its modified or should i check first if it already is encrypted?
i'm also wandering, is this encryption secure against attack, if another application tried to unprotect the section would it?
:) tnx
EDIT: one more question, can i save objects in a config file?
I was just looking for a way to encrypt passwords on my app since a user would be using their passwords for various 3rd party accounts and obviously i dont want them compromised.
I stumbled one of jmcilhinneys code bank examples using SystemManagement to write connectionstrings and appsettings to a config file and then encrypting it, it looks perfect so i was digging around msdn for more info, as usual more then i can take at this hour on msdn, so i went back to the example jmcilhinney left and it all looks quite simple, i was thinking though what the relationship between My.Settings and SystemManagement. i never tried either as i never needed to until now.
for now im going to use the example by jm and modify it, i already referenced system.management, is there anything else missing?
Code:
Private Function SaveAppSettings() As Boolean
Dim result As Boolean = False
'Open the primary config file.
Dim config As System.Configuration.Configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
Dim appSettings As KeyValueConfigurationCollection = config.AppSettings.Settings
appSettings("Username").Value = 'username in my class'
appSettings("Password").Value = 'password in my class'
'Save the changes to the config file.
config.Save(ConfigurationSaveMode.Modified)
ConfigurationManager.RefreshSection("appSettings")
result = True
Return result
End FunctionCode:
'Encrypt the app settings section.
With config.AppSettings.SectionInformation
.ProtectSection(Nothing)
.ForceSave = True
End With
'Save the changes.
config.Save(ConfigurationSaveMode.Full)and should i encrypt it everytime its modified or should i check first if it already is encrypted?
i'm also wandering, is this encryption secure against attack, if another application tried to unprotect the section would it?
:) tnx
EDIT: one more question, can i save objects in a config file?