Password-Protecting Sensitive InfoPath Form Fields
page 6 of 6
by S.Y.M. Wong-A-Ton
Average Rating: 
Views (Total / Last 10 Days): 38100/ 52


You can use the System.Security.Cryptography.PasswordDeriveBytes class to generate a symmetric key from a password.  The name of the logged on user that is returned by System.Environment.UserName can be used as the salt to the generated key.  This ensures uniqueness of the key for every user, even if passwords are the same for different users.

The password is used to both encrypt and decrypt form fields and is not persisted within the form.  The user is responsible for remembering the password; if she forgets the password or if the data within the form is tampered with, decryption will fail and it will not be possible to unlock the form any more.

The technique demonstrated in this article can be used to create self-contained secure password-protected InfoPath forms that provide authentication, privacy, and integrity.

View Entire Article

User Comments

No comments posted yet.

Community Advice: ASP | SQL | XML | Regular Expressions | Windows

©Copyright 1998-2024  |  Page Processed at 2024-04-22 3:07:26 PM  AspAlliance Recent Articles RSS Feed
About ASPAlliance | Newsgroups | Advertise | Authors | Email Lists | Feedback | Link To Us | Privacy | Search