This documentation is archived and is not being maintained.

SecureString::MakeReadOnly Method

Makes the text value of this secure string read-only.

Namespace:  System.Security
Assembly:  mscorlib (in mscorlib.dll)

void MakeReadOnly()


This secure string has already been disposed.

Initialize the text value of an instance of the SecureString class with the SecureString constructors, and modify the value with the Clear, RemoveAt, SetAt, InsertAt, and AppendChar methods.

After you have made your final modifications, use the MakeReadOnly method to make the value of the instance immutable (read-only). After the value is marked as read-only, any further attempt to modify it throws an InvalidOperationException.

The effect of invoking MakeReadOnly is permanent because no means is provided to make the secure string modifiable again. Use the IsReadOnly method to test whether an instance of SecureString is read-only.

The following code example demonstrates how the AppendChar and RemoveAt methods can be used to collect the characters in a password. After the password is collected, it is made read-only.

// This example demonstrates using the AppendChar and RemoveAt 
// methods to collect a password. 
using namespace System;
using namespace System::Security;
int main()
   bool go = true;
   ConsoleKeyInfo cki;
   String^ m1 = L"(This example simulates entering a password. "
   L"Do not enter an actual password.)\n";
   String^ m2 = L"Enter your password (up to 15 letters, numbers, and underscores)\n"
   L"Press BACKSPACE to delete the last character entered. \nPress ESCAPE to quit:";
   SecureString ^ password = gcnew SecureString;
   int top;
   int left;

   // The Console.TreatControlCAsInput property prevents this example from 
   // ending if you press CTL+C, however all other operating system keys and 
   // shortcuts, such as ALT+TAB or the Windows Logo key, are still in effect. 
   // Each input character is assumed to occupy one screen column. 
   Console::TreatControlCAsInput = true;
   Console::WriteLine( m1 );
   Console::WriteLine( m2 );
   top = Console::CursorTop;
   left = Console::CursorLeft;
   while ( go )
      cki = Console::ReadKey( true );
      if ( cki.Key == ConsoleKey::Escape )

      if ( cki.Key == ConsoleKey::Backspace )
         if ( password->Length > 0 )
            Console::SetCursorPosition( left + password->Length - 1, top );
            Console::Write( ' ' );
            Console::SetCursorPosition( left + password->Length - 1, top );
            password->RemoveAt( password->Length - 1 );
         if ((password->Length < 15) && 
             (Char::IsLetterOrDigit( cki.KeyChar ) || 
              cki.KeyChar == '_') )
            password->AppendChar( cki.KeyChar );
            Console::SetCursorPosition( left + password->Length - 1, top );
            Console::Write( '*' );

   return 0;

This example produces results similar to the following text:

(This example simulates entering a password. Do not enter an actual password.)

Enter your password (up to 15 letters, numbers, and underscores)
Press BACKSPACE to delete the last character entered.
Press ESCAPE to quit:


Windows 7, Windows Vista, Windows XP SP2, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP Starter Edition, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003, Windows Server 2000 SP4, Windows Millennium Edition, Windows 98

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

.NET Framework

Supported in: 3.5, 3.0, 2.0