This tutorial will show you how to secure a string using SecureString class in C#.NET

As you know, String object is a common type of C#.NET

However when working with sensitive data, the SecureString class is more suitable.

The SecureString class is located under the System.Security namespace. A string stored in a SecureString object is kept encrypted in memory

string str = "c# code";
SecureString secureStr = new SecureString();
for (int i = 0; i < str.Length; i++)
    secureStr.AppendChar(str[i]);
secureStr.MakeReadOnly();

Creating a SecureString is not as simple as a regular string object. SecureString is created one character at a time

IntPtr p = Marshal.SecureStringToBSTR(secureStr);
string str = Marshal.PtrToStringBSTR(p);
Marshal.ZeroFreeBSTR(p);

Reading a SecureString is more complex. It doesn't have the ToString method, which is also intended to keep data secure.

To read the data, the C # developer must access the data directly in memory