Вопрос
I am currently working on one of my first application that will be distributed, but I am running into a huge problem. With use of dotPeek (http://www.jetbrains.com/decompiler/) I can easily retrieve my login data.
Of course, converting the password to UTF8 bytes will not slow a hacker down much.
What would be the best strategy to prevent someone from retrieving the login details to the database (or any details at all)?
Решение
The simpliest way - you can use tools from System.Security.Cryptography namespace to encrypt your credentials and then use any obfuscator to make decription process little harder.
But it's only question of time when someone recovers it.
The right way - to hide your database behind web service with public API. It requires more effort but will reduce security riscs significantly.
https://stackoverflow.com/questions/17913567
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian