[Mono-list] secure credential storage

Edward Ned Harvey (mono) edward.harvey.mono at clevertrove.com
Fri Jul 12 16:29:15 UTC 2013


There are a ton of big confusing concepts and classes (maybe even namespaces) out there ... And it's even more confusing if you care about which ones mono will be able support cross-platform.  So I'm hoping for advice on at least what to look up for a starting point.

I see such things as HostSecurityManager, CryptProtectData, Protected Storage, ProtectedMemory, and ProtectedData.  Probably others too, that I just haven't found yet ...  Not quite sure yet where to start.

The goal is for an application to be able to securely store credentials (for example, credentials to access some online service. When you connect to a service, and click the checkbox "remember my password.")  Such as mac keychain, gnome keyring, and whatever windows uses.  "Secure" means the information is inaccessible at *least* by other users, encrypted on disk (with sufficient salting & stretching etc), and ideally, even inaccessible by other applications or corrupted versions of my application, etc.  But that seems likely too much to hope for.

Thanks for any suggestions...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ximian.com/pipermail/mono-list/attachments/20130712/fb7a12d0/attachment.html>


More information about the Mono-list mailing list