How can I safely store the value of a password field during postbacks in ASP.NET?

Question

How can I safely store the value of a password field during postbacks in ASP.NET?

Is there a way to safely store the value of a password field during postbacks in ASP.NET? I was thinking about a view, but I don’t want to print it clearly in the HTML code, setting the control value to the content of the viewstate with each postback.

+3

c # .net asp.net

Slackoverflow Feb 16 '11 at 9:18

source share

3 answers

, .
, .

+1

Ghyath Serhal 16 . '11 9:21

I'm not sure how much this is possible in an ASP.NET application, but take a look at System.Security.SecureString .

This will allow you to fill in a string that is encrypted using encryption on the computer (your server). You will need to marshal this object on a usable (and decrypted) string when needed, and in my opinion, some of them are separated by their usefulness - I think there are ways and when to use it, and not.

0

Grant thomas Feb 16 '11 at 9:22

source share

Yahel · Accepted Answer · 2011-02-16T09:23:08+0000

If security is a problem, you should:

Use HTTPS
At the minimum minimum, never save a simple password even in your database, but say the MD5 password hash (minimum minimum). -Use this hash instead of a password in your email messages.

How can I safely store the value of a password field during postbacks in ASP.NET?

More articles: