Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add secure string support to sqlite-net-sqlcipher #1076

Closed
honguyenminh opened this issue Nov 8, 2021 · 2 comments
Closed

Add secure string support to sqlite-net-sqlcipher #1076

honguyenminh opened this issue Nov 8, 2021 · 2 comments

Comments

@honguyenminh
Copy link

Currently connection string only support key as pure string or byte array. But normally passwords are (and should) be saved in a SecureString. Can you add support for it?
@Sergio0694
Copy link

"But normally passwords are (and should) be saved in a SecureString."

This is not correct. SecureString is not actually secure, has some well known fundamental issues, and in fact it's even not recommended and actually planned to be marked as obsolete and eventually removed entirely from the BCL. See the runtime design doc here: dotnet/designs#147. I don't think it makes sense to add support for this as it would just be more work to then incentivize users to use a type that should just never be used in the first place.

@honguyenminh
Copy link
Author

I have not read the docs for latest info on this type, so my bad. Closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Sergio0694 @honguyenminh