How to upload safely?

2

How to upload a file to an FTP server without the login information of this server being visible in the code?

For example, I do not want to do the following:

string FTPhost = "ftp://192.168.1.1/";
string FTPpass = "SenhaDoAcessoFTP";
string FTPuser = "Usuário";

FTPclient.Connect(FTPhost, FTPpass, FTPuser);

And this information can be easily seen with a decompiler. How do I hide this, and make the user using the application not have access to these passwords in any way ?

    
asked by anonymous 02.12.2017 / 22:21

1 answer

1

In no way, there is no way. It can create some devices to encrypt the password, but since it is in the application that the user has control, it has how to decipher, even if it takes time. In fact you do not even have to because you have to decrypt the application and you can get the password right now.

If you do not want someone to get a password, you only have one path: do not give it to anyone, no matter the form.

Password is used to provide security for a person, not for applications. If you can do this, great, if you can not and need to deliver, accept the insecurity.

Surely you have other ways to gain security at this level, but not using password and maybe not using FTP. But we do not even know the purpose, the restrictions, etc. A hint at another answer ( other ).

See a tutorial .

    
02.12.2017 / 22:50