I have a Windows Phone application which create and has access to personal data in a txt file. I want something like:
The application asks the user to insert his password , and if it is correct , it decrypts runtime the data and makes the data accessible.
What's the right way to encrypt this data?
I search something that is simple to use and is very safe. I've tried to search in the web and i've found this:
http://msdn.microsoft.com/en-us/library/system.io.file.encrypt%28v=vs.110%29.aspx
But is it safe? There's anybody that have used it? How it works?
Sorry for my poor english. Thank you.
There is a whole article about encrypting data on MSDN: http://msdn.microsoft.com/en-us/library/windows/apps/hh487164%28v=vs.105%29.aspx
Just use ProtectedData.Protect and ProtectedData.Unprotect. Both methods take the data and salt as paremeters, so use the user`s password as salt.
Related
So I have made a game app using Unity and it stores a lot of information and data in the mobile's data path in this case Android. Now the user can definitely go there and alter the data i.e delete a file and that can lead to my app not working properly. So is there a way to maybe encrypt them so that the user cannot tamper with the data?
Files are of sound, pictures, etc.
You can encrypt files on the disk, but ultimately a player with malicious intentions would be able to slerp the keys used for encryption from the built version of the game. Because of this, I like to call it "Obscufication" rather than "Encryption", but please do try not to store sensitive information in there!
I recommend checking out this StackOverflow answer on how to perform encryption in C#.
If you want more security then you will need a server to store data on. Good luck!
I'm in the middle of creating an ASP.net website, and I'm starting to wonder what is the best way to store my connection string.
After reading this question, a user recommends that you store the connection string in a text file, and change the permissions to only be used by your application.
I currently have it stored in web.config, so would it be fine to set the web.configs permissions instead? I do plan on encrypting it as well.
Can someone give me a push in the right direction for how to do this?
If you are going to down vote my question, please give me a reason why.
I'm designing a Windows Phone 8 app where I need to save certain credentials and message backups as a Parse object. So, while I'm taking data from the user end I want to preserve privacy of the clients. So, why not encrypt it. But then again I need to decrypt it back on client side. Say, there's a message "I'll be late". So, I want it to be encrypted to say "###%&**))^^^__673asdh" and saved in backend which makes absolute no sense to me. Again this encrypted message is read back to the front end client as and when required as the original message that he stored. Please suggest a good library. is AES a good option? Sorry for the question. I'm basically a noob in cryptography! Thanks.
If you are noob in cryptography - do not use encrytion/decryption primitives. Encryption/decryption method is only a part where proper use of the method is very important too. Try to find some crypto library that will do the work for you. At start you can read about Crypto++ library and BounceCastle, inspect the exmaples in this libraries.
I want to write a program to maintain some important information for me , but i don't want to use sql as database because it is very important for me that no one can access the data , i want to save my data in a file and i want to use a password to protect my file like password in winrar software and then can access the data just in my program, can anyone give me an idea ?
Thank u all :)
Why not encrypt the file using AES? Here is a great tutorial for C# and Rinjdael/AES encyption and decryption of files.
EDIT:
But as mentioned in another answer SQL does provide password protection for its databases, would that not be the exact same thing you want to do (except you will be re-inventing the wheel)
I've seen professional applications that use a (un)zip library to open password protected archives. Of course one can brute-force those passwords and open the archive. So I don't recommend this option.
SQL database looks like the best option, but you need a database server. Or you might look into SQLite, it's serverless. To password protect sqlite you can read this question
I have a desktop application developed in C#.NET, with an encrypted database.
The encryption password is hard coded in the application code.
How can I hide this password, since the code can be accessed through
a .net disassembler?
Maybe obfuscate the code could be a solution, but how do I create a setup for the application with the obfuscated code, because every time I rebuild the setup, a brand new .exe is created and the code is never obfuscated.
I hope someone knows how to get around this.
My suggestion is to not do this and here's why: SCADA
You definitely want to look into some for of encryption, some professional obfuscators will encrypt string information in an assembly as well.