Good morning,
I have an application made in .NET with C #, in a review that was done to see the vulnerability it was found that the data like the password is exposed.
SecureString, core.encrypt, marshal classes have been used however the goal of hiding it has not been achieved.
Any ideas? Please.
Greetings!
It's a simple form where you put a text for the user and another for the password, if they perform the memory dump (DMP file), the captured information appears, that's where the problem comes from. Reviewing the theme they recommend the secure string that hides the variable but the content still appears.