문제

I am making a little project that requires me to access one of my email accounts frequently to send emails. With that being said, I obviously know the log-in information ahead of time, and in order to protect the password from being created into a SecureString multiple times, I have created a Singleton class:

public sealed class Sender
{
    #region Private Member Variables

    private readonly static Sender SingletonSender = new Sender(); // Singleton object
    private readonly SecureString password;
    private const String defaultEmailAddress = "xxxxxxxxxxxxx";

    #endregion

    #region Properties

    public static Sender ReminderSender
    {
        get { return SingletonSender; }
    }

    #endregion

    #region Constructors

    private unsafe Sender()
    {
        Char[] passwordCharacters = {/* password characters */};
        fixed (Char* pwChars = passwordCharacters)
        {
            password = new SecureString(pwChars, passwordCharacters.Length);
        }
        password.MakeReadOnly();
        passwordCharacters = null;
    }
    #endregion

  // Additional methods
}

Now, I am wondering if this is the correct way to protect the password from being exposed unnecessarily? Additionally, if anyone has a better strategy to solve this, I would love to hear it. Note, that my goal of this application is to have it deployed on various PC's not just on my own.

도움이 되었습니까?

해결책

Run the code in a web app, and have the various PCs ask the server to run this code on their behalf.

Do you really want to make sure the user's have .NET 4.5? (answer: no)

You could probably get a Rails app on Heroku in less overall time.

By the way, if you are using Gmail, you can put an OAUTH token on the user's machine instead of your password, which you can revoke. It's still a password of sorts, but at least it's not your password.

https://developers.google.com/gmail/oauth_overview

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top