How to upload safely?

Asked

Viewed 119 times

3

How to do upload/download of a file on an FTP server without this server’s login information being visible in the code? For example, I nay I want to do the following:

string FTPhost = "ftp://192.168.1.1/";
string FTPpass = "SenhaDoAcessoFTP";
string FTPuser = "Usuário";

FTPclient.Connect(FTPhost, FTPpass, FTPuser);

And that information can be easily seen with a decompiler. How do I hide this, and make the user who is using the application not have access to these passwords by no means?

1 answer

2


There is no way. You can create some tricks to encrypt the password, but since it is in the application that the user has control, you can decipher it, even if it takes time. Actually you don’t even need to because to send the application you have to decrypt and at that moment it is possible to get the password.

If you don’t want someone to take a password there’s only one way: don’t give it to anyone, no matter the way.

Password is used to provide security for a person, not for applications. If you can do this, great, if you can’t and need to deliver, accept insecurity.

Surely there are other ways to get security at this level, but not using password and maybe not using FTP. But we don’t even know the goal, the restrictions, etc. A tip on another answer (another).

Behold a tutorial.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.