Password Control
Hi,
I have a simple WinForms app that uploads something to an SFTP server. I am trying to control the login to this SFTP properly but not sure how to both secure the password and still pass it in the connection string. I know about using DPAPI but that would not translate between machines when installing the app. Is there a way to safely store a password for decryption to use in this way? My best guess so far is to enter the password after install and use DPAPI to hash it. It's an extra install step I'd like to avoid if there's a better way.
I have a simple WinForms app that uploads something to an SFTP server. I am trying to control the login to this SFTP properly but not sure how to both secure the password and still pass it in the connection string. I know about using DPAPI but that would not translate between machines when installing the app. Is there a way to safely store a password for decryption to use in this way? My best guess so far is to enter the password after install and use DPAPI to hash it. It's an extra install step I'd like to avoid if there's a better way.
