Storing username and password

Hello Steve ,,,

I would not recommend the aproach of saving the file in the application
directory,
i believe it would be better to save the file in a user context directory
i.o.w. X:\Documents and Settings\username\yousubdir\uspa.encryptedfile

in this way only the user , who knows his own username and password :-) ,,,
and the systems administrator can access the file

i would use a secure encryption method ( like rijndael / DES )

Regards

Michel Posseth


"Steve Lloyd" <st****************@livenowpaylater.co.uk> wrote in message
news:uz**************@TK2MSFTNGP10.phx.gbl...

Hi, I am looking for a bit of advice.

I have an application that can be installed on users home PC's that
authenticates to a windows domain server over a VPN. Once authenticated
against the Active directory I need to reuse the inputted information over
and over and again for various database tasks (using windows
authtication).

What is the best and most secure way to store the username and password
for re-use? I have considered hashing it and storing in a file in the
application directory, is this secure and advisable? Any suggestion woul
be much appreciated.

Thanks

Steve.

i think you could create a (net, windows, generic) credential data type, and
walk with this...
--
Salute by the First Time!
"Steve Lloyd" wrote:

Hi, I am looking for a bit of advice.

I have an application that can be installed on users home PC's that
authenticates to a windows domain server over a VPN. Once authenticated
against the Active directory I need to reuse the inputted information over
and over and again for various database tasks (using windows authtication).

What is the best and most secure way to store the username and password for
re-use? I have considered hashing it and storing in a file in the
application directory, is this secure and advisable? Any suggestion woul be
much appreciated.

Thanks

Steve.