Re: Encryption question

If you decompile the application (using reflector, for example), you will
see the encryption key in clear if the key is hard coded.

You may consider crypting this key with a user password asked each time the
application run.

Unfortunately, debugging the app will also help a malicious user to read the
memory and the key...

Steve

"Stanislaw Tristan" <admin@xxxxxxxxxx> a écrit dans le message de news:
uwpDIL$kGHA.1936@xxxxxxxxxxxxxxxxxxxxxxx
Is a password for the encrypted database that I'm specified in the
connection string can be catched 3rd party software such as sniffers,
memory dumpers etc. while connection opening?



.

Relevant Pages

  • Re: Encryption question
    ... I suppose that a good programmer can "debug" your process and grab the ... I don't think there is a workaround to solve this problem... ... connection string can be catched 3rd party software such as sniffers, ... memory dumpers etc. while connection opening? ...
    (microsoft.public.sqlserver.ce)
  • Re: Encryption question
    ... I don't think there is a workaround to solve this problem... ... the user enters password and click Connect button - catching is possible? ... connection string can be catched 3rd party software such as sniffers, ... memory dumpers etc. while connection opening? ...
    (microsoft.public.sqlserver.ce)
  • RE: Problem with pwd-protected Access .mdb
    ... Is it a Database password or a User password? ... If it is a Database Password then you need to add this to your connection string ... where System MDW is the Access System workgroup file you created when you set up the passwords. ...
    (microsoft.public.data.ado)
  • Re: The workgroup information file is missing
    ... You are using the form of Open that presents a user password. ... "Jet OLEDB:Database Password " property in the connection string ... Brian Bushay (TeamB) ...
    (borland.public.delphi.database.ado)