0

I have a simple login form.

After the user has typed the password, I need to destroy the textbox from memory.

Is it enough to do this?

```csharp
txtPassword.Text = string.Empty;
txtPassword = null;
System.GC.Collect();
```
daniele3004
  • Pragmatically calling of `GC` is not a very good thing. – Amit May 11 '18 at 13:05
  • No. The text can still be in the `TextBox`; some other variable or object that you may have a reference to. You might want to consider WPF's `PasswordBox` and `SecureString` –  May 11 '18 at 13:06
  • Simply `txtPassword.Text = string.Empty;` doesn't work ? – Amit May 11 '18 at 13:07
  • @MickyD I transfer the text into a SecureString – daniele3004 May 11 '18 at 13:12
  • @Amit no. That won't do anything for any potential orphaned `string` object with clear text password –  May 11 '18 at 13:13
  • @MickyD I didn't consider any `string` object which has been derived from `txtPassword.Text`, suppose there may not be any such exclusive string, doing `txtPassword.Text = string.Empty` will not be enough for overwriting the original value of it from its reference (memory) – Amit May 11 '18 at 13:18
  • @Amit there is no guarantee that the memory will be cleaned if you call the `GC` – JanMer May 11 '18 at 13:20
  • And what are you doing with that password after that? – Evk May 11 '18 at 13:20
  • @Amit you can assign `.Text` anything you want. The password can still be floating in memory somewhere unprotected –  May 11 '18 at 13:20
  • Possible duplicate of [What is the correct way to free memory in C#](https://stackoverflow.com/questions/6066200/what-is-the-correct-way-to-free-memory-in-c-sharp) – daniele3004 May 11 '18 at 13:21
  • Not sure why you voted to close your **own** question as a duplicate. The linked post isn't particularly relevant –  May 11 '18 at 13:29
  • Off-topic perhaps - Possible duplicate of [Best way to secure a Winform page ?](https://stackoverflow.com/questions/18739263/best-way-to-secure-a-winform-page). The suggestions are that you don't use a password at all and use Windows authentication. Check out _Hans Passant's_ comment on that page –  May 11 '18 at 13:33

2 Answers

3

I think you might be interested in SecureString

An instance of the System.String class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created, and it is not possible to predict when the instance will be deleted from computer memory. Because System.String instances are immutable, operations that appear to modify an existing instance actually create a copy of it to manipulate. Consequently, if a String object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.

A SecureString object is similar to a String object in that it has a text value. However, the value of a SecureString object is pinned in memory, may use a protection mechanism, such as encryption, provided by the underlying operating system, can be modified until your application marks it as read-only, and can be deleted from computer memory either by your application calling the Dispose method or by the .NET Framework garbage collector.

JanMer
  • I transfer the data to a String and afterwards into a SecureString, but I need to destroy the TextBox with the password and the transitional String variable from memory. – daniele3004 May 11 '18 at 13:16
  • Insufficient. WinForms (the subject of the OP's question) does not support `SecureString` for the `Text` property or similar, unlike WPF's `PasswordBox`. `PasswordBox` doesn't even have a `string Text` property; instead it is a `SecureString SecurePassword`. This sets up the foundation for secure strings suitable for passwords. Attempting to use `SecureString` as an afterthought for WinForms is risky –  May 11 '18 at 13:16
  • @daniele3004 - transferring data from a `string` into a `SecureString` is useless (because the `string` is still in memory and you won't get rid of it that easily; which is what your question basically is). The security of `SecureString` is only achieved by *never having the "complete" `string` in (insecure) memory*. You add it character by character, keypress by keypress. Like in the example in the linked MSDN article. – Corak May 11 '18 at 13:24
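
The keypress-by-keypress approach described in the comment above, sketched for WinForms as an added example (it is not code from this thread or from the MSDN article). `LoginForm`, `txtMask`, `btnLogin` and `Authenticate` are hypothetical names, and the sketch assumes edits happen only at the end of the field:

```csharp
using System;
using System.Security;
using System.Windows.Forms;

// Added illustration; LoginForm, txtMask, btnLogin and Authenticate are hypothetical names.
public sealed class LoginForm : Form
{
    private readonly SecureString _password = new SecureString();
    // ShortcutsEnabled = false blocks paste shortcuts so text cannot bypass KeyPress.
    private readonly TextBox txtMask = new TextBox { ShortcutsEnabled = false };
    private readonly Button btnLogin = new Button { Text = "Login", Top = 30 };

    public LoginForm()
    {
        txtMask.KeyPress += OnKeyPress;
        // Swallow Delete so the mask and the SecureString cannot get out of step.
        txtMask.KeyDown += (s, e) => e.Handled = e.KeyCode == Keys.Delete;
        btnLogin.Click += OnLogin;
        Controls.Add(txtMask);
        Controls.Add(btnLogin);
    }

    private void OnKeyPress(object sender, KeyPressEventArgs e)
    {
        e.Handled = true; // the typed character never reaches TextBox.Text
        if (e.KeyChar == '\b' && _password.Length > 0)
            _password.RemoveAt(_password.Length - 1);
        else if (!char.IsControl(e.KeyChar))
            _password.AppendChar(e.KeyChar);
        // The control only ever holds placeholder characters.
        txtMask.Text = new string('*', _password.Length);
        txtMask.SelectionStart = txtMask.TextLength;
    }

    private void OnLogin(object sender, EventArgs e)
    {
        using (SecureString copy = _password.Copy())
        {
            copy.MakeReadOnly();
            Authenticate(copy);
        }
        _password.Clear(); // wipe the buffer as soon as it has been used
        txtMask.Clear();
    }

    // Hypothetical sink: pass the value to an API that takes a SecureString,
    // such as NetworkCredential(string, SecureString) or ProcessStartInfo.Password.
    private static void Authenticate(SecureString password) { }

    protected override void Dispose(bool disposing) { if (disposing) _password.Dispose(); base.Dispose(disposing); }

    [STAThread]
    private static void Main() => Application.Run(new LoginForm());
}
```

Each keystroke still passes through the Windows message queue and `KeyPressEventArgs` as a plain `char`, so this narrows the exposure rather than eliminating it. Microsoft's current documentation also advises against `SecureString` for new development.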
0

Set it to:

```csharp
txtPassword.PasswordChar = '\0';
```
Alieza
  • Please add a (short) explanation. I understand you intend to rewrite the string so it does not contain the text anymore, so it does not include the password anymore. Could you develop your answer? – lnjuanj Oct 22 '20 at 08:48