Hello,I have an MVVM project where I'm trying to secure my password.Before I tried to secure my password,the program was running perfectly,after it gaave me an error every time I tried to log in.Now I have an intreface called IHavePassword:
internal interface IHavePassword
{
System.Security.SecureString Password { get; }
}
I secure my passwordbox in the view liek this:
public System.Security.SecureString Password
{
get
{
return passwordBox.SecurePassword;
}
}
This is how I bind it in the view:
<PasswordBox x:Name="passwordBox"
MaxLength="10"
local:PasswordHelper.BindPassword="true"
local:PasswordHelper.BoundPassword="{Binding Path=PWD, Mode=TwoWay, ValidatesOnDataErrors=True,UpdateSourceTrigger=PropertyChanged}"
PasswordChar="*"
Background="#545d6a"
Foreground="White"
FontSize="18" local:EnterKeyHelpers.EnterKeyCommand="{Binding ButtonCommand}"
local:PasswordHelper.EncryptedPassword="{Binding Path=PWD, Mode=TwoWay, ValidatesOnDataErrors=True,UpdateSourceTrigger=PropertyChanged}" PasswordChanged="passwordBox_PasswordChanged_1">
In the VM,I have a method that converts from string to securestring which I'm using it like this:
private string ConvertToUnsecureString(SecureString securePassword)
{
if (securePassword == null)
{
return string.Empty;
}
IntPtr unmanagedString = IntPtr.Zero;
try
{
unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
return Marshal.PtrToStringUni(unmanagedString);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
}
}
And this is how I'm calling it in the main method which I use to pass to the DelegateCommand:
public void IsValidLogin(object param)
{
string connstring = "Data Source=(LocalDB)\\MSSQLLocalDB;AttachDbFilename=C:\\Users\\user0909\\Documents\\AttendanceListStudents.mdf;Integrated Security=True;Connect Timeout=30";
try
{
using (SqlConnection con = new SqlConnection(connstring))
{
con.Open();
String query = "SELECT COUNT (*) FROM RegisterTeacher WHERE pwd=@pwd";
SqlCommand cmd = new SqlCommand(query, con);
cmd.CommandType = CommandType.Text;
SqlParameter pass = cmd.Parameters.AddWithValue("@pwd", pwd);
if (pwd == null)
{
pass.Value = DBNull.Value;
}
var passwordContainer = param as IHavePassword;
if (passwordContainer != null)
{
var secureString = passwordContainer.Password;
pwd = ConvertToUnsecureString(secureString);
int count = Convert.ToInt32(cmd.ExecuteScalar());
if (count == 1)
{
var app = new TextBoxFocusView();
var context = new TextBoxFocusDb();
app.DataContext = context;
app.Show();
}
else
{
MessageBox.Show("Your card does not appear in the system");
}
}
}<pre>
I get the error "Cannot implicitly convert from string to securestring".I have tried to look over for some relevant info,but all I could find was similar to this:
https:
I have also changed my password from string to SecureString:
<pre>private SecureString pwd;
public SecureString PWD
{
get { return pwd; }
set
{
if (pwd != value)
{
pwd = value;
NotifyOnPropertyChange("PWD");
}
}
}
Can someone help me in this matter?Thank you in advance!
What I have tried:
What I have tried and I still have is depicted in my question.
Submit an article or tip