
I am developing Xamarin applications (iOS + Android + common .NET Standard projects).

I collect sensitive data (strings) and want to:

  1. store it as securely as possible (not in storage, just in memory for some process)
  2. clear it from memory when some condition is met

At first SecureString looked perfect for me, but I found that:

We don't recommend that you use the SecureString class for new development. For more information, see SecureString shouldn't be used on GitHub.

https://learn.microsoft.com/en-us/dotnet/api/system.security.securestring?view=netstandard-2.0

So what is the best way to achieve that?

BBNN
  • You could check the link below. It would be helpful. https://stackoverflow.com/questions/55590869/how-to-protect-strings-without-securestring – Wendy Zang - MSFT Aug 10 '20 at 05:32
  • If you use Entry in XF as a password field, then the string is in memory and can be dumped. Setting null doesn't help, because strings are immutable. What is best practice here? Setting the entry = null and starting a GC? – Saftpresse99 Jan 20 '22 at 13:06

0 Answers
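
A sketch of the mutable-buffer approach that the immutability point in the comments leads to, as an added example that is not from the original post or from Microsoft: the secret lives in a pinned byte[] that is overwritten on disposal. `SensitiveBuffer` and its members are hypothetical names, and the sketch assumes the secret reaches the code as bytes rather than as a System.String.

```csharp
using System;
using System.Runtime.InteropServices;

// Hypothetical helper (this example's own name and API). The array is pinned so
// the GC cannot move it and leave stale copies, and it is zeroed on Dispose.
public sealed class SensitiveBuffer : IDisposable
{
    private readonly byte[] _bytes;
    private GCHandle _pin;
    private bool _disposed;

    public SensitiveBuffer(int capacity)
    {
        _bytes = new byte[capacity];
        _pin = GCHandle.Alloc(_bytes, GCHandleType.Pinned);
    }

    public int Length { get; private set; }

    public void Append(byte b)
    {
        if (_disposed) throw new ObjectDisposedException(nameof(SensitiveBuffer));
        if (Length == _bytes.Length) throw new InvalidOperationException("Buffer full.");
        _bytes[Length++] = b;
    }

    // Gives the caller the live bytes without ever building a System.String.
    public void Use(Action<byte[], int> consumer)
    {
        if (_disposed) throw new ObjectDisposedException(nameof(SensitiveBuffer));
        consumer(_bytes, Length);
    }

    public void Dispose()
    {
        if (_disposed) return;
        Array.Clear(_bytes, 0, _bytes.Length); // overwrite the whole buffer in place
        Length = 0;
        _pin.Free();
        _disposed = true;
    }
}

public static class Demo
{
    public static void Main()
    {
        using (var secret = new SensitiveBuffer(64))
        {
            foreach (byte b in new byte[] { 0x64, 0x65, 0x6D, 0x6F }) secret.Append(b); // constructed sample
            secret.Use((bytes, len) => Console.WriteLine($"holding {len} bytes"));
        } // buffer is zeroed here, when the condition for clearing is met
    }
}
```

This only bounds the lifetime of the copy you control; a System.String that a UI control has already created from the same input is outside its reach.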