This documentation is archived and is not being maintained.

SecureString.MakeReadOnly Method

Makes the text value of this secure string read-only.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

Public Sub MakeReadOnly


This secure string has already been disposed.

Initialize the text value of an instance of the SecureString class with the SecureString constructors, and modify the value with the Clear, RemoveAt, SetAt, InsertAt, and AppendChar methods.

After you have made your final modifications, use the MakeReadOnly method to make the value of the instance immutable (read-only). After the value is marked as read-only, any further attempt to modify it throws an InvalidOperationException.

The effect of invoking MakeReadOnly is permanent because no means is provided to make the secure string modifiable again. Use the IsReadOnly method to test whether an instance of SecureString is read-only.

The following code example demonstrates how the AppendChar and RemoveAt methods can be used to collect the characters in a password. After the password is collected, it is made read-only.

' This example demonstrates using the AppendChar and RemoveAt 
' methods to collect a password.

Imports System
Imports System.Security

Class Sample
   Public Shared Sub Main()
      Dim cki As ConsoleKeyInfo
      Dim m1 As String = "(This example simulates entering a password. " & _
                         "Do not enter an actual password.)" & vbCrLf
      Dim m2 As String = "Enter your password (up to 15 letters, numbers, and underscores)" & vbCrLf & "Press BACKSPACE to delete the last character entered. " & vbCrLf & _
                         "Press ESCAPE to quit:"
      Dim password As New SecureString()
      Dim top, left As Integer
      ' The Console.TreatControlCAsInput property prevents this example from
      ' ending if you press CTL+C, however all other operating system keys and 
      ' shortcuts, such as ALT+TAB or the Windows Logo key, are still in effect. 
      ' Each input character is assumed to occupy one screen column.
      Console.TreatControlCAsInput = True


      top = Console.CursorTop
      left = Console.CursorLeft

      ' Read user input from the console. Store up to 15 letter, digit, or underscore
      ' characters in a SecureString object, or delete a character if the user enters 
      ' a backspace. Display an asterisk (*) on the console to represent each character 
      ' that is stored.

      While True
         cki = Console.ReadKey(True)
         If cki.Key = ConsoleKey.Escape Then
            Exit While
         End If
         If cki.Key = ConsoleKey.Backspace Then
            If password.Length > 0 Then
               Console.SetCursorPosition(left + password.Length - 1, top)
               Console.Write(" "c)
               Console.SetCursorPosition(left + password.Length - 1, top)
               password.RemoveAt(password.Length - 1)
            End If
            If password.Length < 15 AndAlso([Char].IsLetterOrDigit(cki.KeyChar) _
            OrElse cki.KeyChar = "_"c) Then
               Console.SetCursorPosition(left + password.Length - 1, top)
            End If
         End If
      End While

      ' Make the password read-only to prevent it from being modified after it has 
      ' been collected. 

   End Sub 'Main
End Class 'Sample
'This example produces results similar to the following text:
'(This example simulates entering a password. Do not enter an actual password.)
'Enter your password (up to 15 letters, numbers, and underscores)
'Press BACKSPACE to delete the last character entered.
'Press ESCAPE to quit:

.NET Framework

Supported in: 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.