SecureString Class
Updated: June 2010
Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.
Assembly: mscorlib (in mscorlib.dll)
An instance of the System.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created and it is not possible to predict when the instance will be deleted from computer memory. Consequently, if a String object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.
A SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is automatically encrypted, can be modified until your application marks it as read-only, and can be deleted from computer memory by either your application or the .NET Framework garbage collector.
The value of an instance of SecureString is automatically encrypted when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the MakeReadOnly method.
Note that SecureString has no members that inspect, compare, or convert the value of a SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices.Marshal class, such as the SecureStringToBSTR method, to manipulate the value of a SecureString object.
The SecureString class is derived from the CriticalFinalizerObject class and implements the IDisposable interface. For more information about implementing the IDisposable interface, see Garbage Collection.
The SecureString class and its members are not visible to COM. For more information, see ComVisibleAttribute.
Windows 2000 Platform Note: In addition to Windows 2000 Service Pack 4 and later, SecureString is supported on Windows 2000 Service Pack 3.
Windows 95, Windows 98, Windows 98 Second Edition, Windows Millennium Edition Platform Note: The SecureString class is not supported on Windows 98 or Windows Millennium Edition.
The following example demonstrates how to use a SecureString to secure a user's password for use as a credential to start a new process.
Imports System Imports System.ComponentModel Imports System.Diagnostics Imports System.Security Public Class Example Public Shared Sub Main() ' Instantiate the secure string. Dim securePwd As New SecureString() Dim key As ConsoleKeyInfo Console.Write("Enter password: ") Do key = Console.ReadKey(True) ' Ignore any key out of range If CInt(key.Key) >= 65 And CInt(key.Key <= 90) Then ' Append the character to the password. securePwd.AppendChar(key.KeyChar) Console.Write("*") End If ' Exit if Enter key is pressed. Loop While key.Key <> ConsoleKey.Enter Console.WriteLine() Try Process.Start("Notepad.exe", "MyUser", securePwd, "MYDOMAIN") Catch e As Win32Exception Console.WriteLine(e.Message) End Try End Sub End Class
System.Runtime.ConstrainedExecution.CriticalFinalizerObject
System.Security.SecureString
Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98
The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.