I was reading about SecureString and what it can offer. However, I'm in a scenario where I have a PasswordBox and want to extract the password from that component, encode it in a hash, and then compare it with another encrypted password contained in a database, and then perform a simple login system. p>
I have read that using the Password property is not a good idea because once we manipulate it, we are prone to having that password stolen, since the data of a string exists in memory.
Considering that a string is an object present in managed memory, how can I ensure the secure extraction of a password from a SecureString, also generating the least possible copies in memory? Or is that not a good idea either?