Represents text that should be kept confidential. The text is encrypted for privacy when being used, and deleted from computer memory when no longer needed. This class cannot be inherited.
See Also: SecureString Members
An instance of the string class is both immutable and, when no longer needed, cannot be programmatically scheduled for garbage collection; that is, the instance is read-only after it is created and it is not possible to predict when the instance will be deleted from computer memory. Consequently, if a string object contains sensitive information such as a password, credit card number, or personal data, there is a risk the information could be revealed after it is used because your application cannot delete the data from computer memory.
A System.Security.SecureString object is similar to a string object in that it has a text value. However, the value of a System.Security.SecureString object is automatically encrypted, can be modified until your application marks it as read-only, and can be deleted from computer memory by either your application or the .NET Framework garbage collector.
The value of an instance of System.Security.SecureString is automatically encrypted when the instance is initialized or when the value is modified. Your application can render the instance immutable and prevent further modification by invoking the SecureString.MakeReadOnly method.
Note that System.Security.SecureString has no members that inspect, compare, or convert the value of a System.Security.SecureString. The absence of such members helps protect the value of the instance from accidental or malicious exposure. Use appropriate members of the System.Runtime.InteropServices.Marshal class, such as the System.Runtime.InteropServices.Marshal.SecureStringToBSTR(SecureString) method, to manipulate the value of a System.Security.SecureString object.
The System.Security.SecureString class and its members are not visible to COM. For more information, see System.Runtime.InteropServices.ComVisibleAttribute.