I am writing a program and I need to store important data like password, etc. What is the best way to store the password and where is the best way to store it?

Unhnd_Exception commented: Nice Waste of Time Thread -2
debasisdas commented: in your wallet -3
Member Avatar

Don't know what your looking for but heres an easy way to encrypt if you only need to keep on the local computer and your not using a database.

This uses the ProtectedData class. You will have to add a Reference to System.Security. When Encrypting and Decrypting with this class only the computer knows the key. It can only be Decrypted on the computer that encyrpted it. It has an option Entrophy which is an extra byte array to add some salt. You would have to read about that. The length of the Entropy has to be in a certain length.

This encrypts to a file and stores it in the app directory.

Imports System.Security.Cryptography

Public Class Form1

Private Sub ButtonEncrypt_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ButtonEncrypt.Click

    Dim Password As String = "BeaverLeaveItToHim"
    Dim MemoryStream As New IO.MemoryStream
    Dim BinaryWriter As New IO.BinaryWriter(MemoryStream)
    Dim EncryptedPassword As Byte()

    'Write anything here you want encrypted in the file.

    EncryptedPassword = ProtectedData.Protect(MemoryStream.ToArray, Nothing, DataProtectionScope.LocalMachine)

    My.Computer.FileSystem.WriteAllBytes(My.Application.Info.DirectoryPath & "\Password.psd", EncryptedPassword, False)


End Sub

Private Sub ButtonDecrypt_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles ButtonDecrypt.Click

    Dim EncryptedPassword As Byte() = My.Computer.FileSystem.ReadAllBytes(My.Application.Info.DirectoryPath & "\Password.psd")
    Dim MemoryStream As New IO.MemoryStream(ProtectedData.Unprotect(EncryptedPassword, Nothing, DataProtectionScope.LocalMachine))
    Dim BinaryReader As New IO.BinaryReader(MemoryStream)
    Dim Password As String = BinaryReader.ReadString


End Sub

End Class

I should point out that this would only be used to store on a client computer. You would not use this to store permanent information on a server or anything like that. Once the operating system is reinstalled the information will no longer be able to be decrypted. If you need permanent storage then you can see this link on the Msdn website about the RijndaelManaged Class. I think I also saw a code snippet on this site about encryption in the past week or so.


I use both classes. For different reasons.