I have an application which takes a string from the Windows Forms text box and passes it to an API which uses a string as the parameter. I see that the string can still be queried from the process memory after the task is complete. I have come across suggestions to use SecureString
for string memory management capabilities. But, if I understand correctly, the purpose of the string is defeated if the secure string is built from a string or the value of the secure string is ultimately stored in a string.
Please suggest what is the best possible solution.
See Question&Answers more detail:os