SecureString Class

.NET Framework Class Library

Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

 Syntax

Visual Basic (Declaration)

Public NotInheritable Class SecureString _
    Inherits CriticalFinalizerObject _
    Implements IDisposable

Visual Basic (Usage)

Dim instance As SecureString

C#

public sealed class SecureString : CriticalFinalizerObject, 
    IDisposable

Visual C++

public ref class SecureString sealed : public CriticalFinalizerObject, 
    IDisposable

JScript

public final class SecureString extends CriticalFinalizerObject implements IDisposable

 Remarks

An instance of the System..::.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created and it is not possible to predict when the instance will be deleted from computer memory. Consequently, if a String object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.

A SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is automatically encrypted, can be modified until your application marks it as read-only, and can be deleted from computer memory by either your application or the .NET Framework garbage collector.

The value of an instance of SecureString is automatically encrypted when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the MakeReadOnly method.

Note that SecureString has no members that inspect, compare, or convert the value of a SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices..::.Marshal class, such as the SecureStringToBSTR method, to manipulate the value of a SecureString object.

The SecureString class is derived from the CriticalFinalizerObject class and implements the IDisposable interface. For more information about implementing the IDisposable interface, see Garbage Collection.

The SecureString class and its members are not visible to COM. For more information, see ComVisibleAttribute.

Windows 2000 Platform Note:

In addition to Windows 2000 Service Pack 4 and later, SecureString is supported on Windows 2000 Service Pack 3.

Windows 95, Windows 98, Windows 98 Second Edition, Windows Millennium Edition Platform Note:

The SecureString class is not supported on Windows 98 or Windows Millennium Edition.

 Inheritance Hierarchy

System..::.Object
  System.Runtime.ConstrainedExecution..::.CriticalFinalizerObject
    System.Security..::.SecureString

 Thread Safety

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

 Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

 Version Information

.NET Framework

Supported in: 3.5, 3.0, 2.0

 See Also

Reference

SecureString Members

System.Security Namespace

ComVisibleAttribute

Marshal

CriticalFinalizerObject

IDisposable