Storing username and password

S

Steve Lloyd

Hi, I am looking for a bit of advice.

I have an application that can be installed on users home PC's that
authenticates to a windows domain server over a VPN. Once authenticated
against the Active directory I need to reuse the inputted information over
and over and again for various database tasks (using windows authtication).

What is the best and most secure way to store the username and password for
re-use? I have considered hashing it and storing in a file in the
application directory, is this secure and advisable? Any suggestion woul be
much appreciated.

Thanks

Steve.
 
M

m.posseth

Hello Steve ,,,

I would not recommend the aproach of saving the file in the application
directory,
i believe it would be better to save the file in a user context directory
i.o.w. X:\Documents and Settings\username\yousubdir\uspa.encryptedfile

in this way only the user , who knows his own username and password :) ,,,
and the systems administrator can access the file

i would use a secure encryption method ( like rijndael / DES )

Regards

Michel Posseth
 
G

Guest

i think you could create a (net, windows, generic) credential data type, and
walk with this...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Storing username and password 3
Username and Password 1
check username and password in database 11
storing the username and password information 3
Storing Variable for use in different page 5
Accessing ActiveDirectory through LDAP with .NET 9
Some users are required to enter a username/password/domain, why? 2
Best practice concerning authentication ? 1

Top