×
Namespaces

Variants
Actions

Talk:How to encrypt your application data in Windows Phone

From Nokia Developer Wiki
Jump to: navigation, search

Hamishwillee - Hamishwillee - I don't think IsolatedStorageExplorer is a big risk

Apparently it can only get data from an app that is sideloaded - not from anything in marketplace. I guess there are cases where you could theoretically sideload an app onto the phone and someone would use it thinking it was safe, and then you could get it off and check out the password - but its not an "easy" hack.

Which of course doesn't mean this isn't worthwhile - depends on the value of the encrypted information.

hamishwillee 08:28, 19 November 2012 (EET)

Vinayppatil - Vinayppatil - strengthening security

Hi Hamish and influencer,

We can strengthen the security here by passing a salt to the ProtectedData methods. The same salt should be passed to ProtectedData.Protect() and ProtectedData.Unprotect() while encrypting and decrypting respectively. This way even if you somehow manage to get files out of IsolatedStorage you can't decrypt it without salt. For getting salt you will need get the application binaries and reverse engineer them to get code(you can obfuscate you code to add one more layer of security). I have modified the article to reflect the changes.

Regards,

Vinay

vinayppatil (talk) 11:46, 29 January 2014 (EET)

 

Was this page helpful?

Your feedback about this content is important. Let us know what you think.

 

Thank you!

We appreciate your feedback.

×