This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

[WPSL][C#] How to keep a username and password secure.

Question
0

Sign in to vote

Hi.

Imagine a social app where you sign up with a username and password before you can fully enjoy the wonderful experiences found everywhere inside the network of the app. Now this is my logic I have thus far: The app sends the username and password (un and pw hereinafter) to a server for processing. The server writes a record of it to a database table. Every time the end-user signs in the app send again the un and pw and validate it against the record. The Post request is over http.

My question is how can I keep the un and pw secure for as long as the end-user remains a member on the network?

Thank you.

Thursday, December 24, 2015 3:17 PM

Answers

0

Sign in to vote
You should not store the user name and password. Once the user logs in with an oauth provider you will get back a authorization token. You should store the token.

https://code.msdn.microsoft.com/windowsapps/Web-Authentication-d0485122
- Proposed as answer by Fred Bao Tuesday, January 5, 2016 7:15 AM
- Marked as answer by Fred Bao Wednesday, January 6, 2016 7:28 AM
Thursday, December 24, 2015 11:24 PM