I have a Silverlight Business Application. I want to store the username and password that the user enters when logging into the system.
Does anyone have any pointers, tips etc on how I can securely store this data? I would like to store it encrypted but I'm not sure where I would store the password/salt, would it be secure to store this in the client code? I'm guessing it won't be because this is sent to the client.
I would normally use the Windows Data Protection API (DPAPI) to machine encrypt the data, is this possible in silverlight?
The app will be run in-browser using Silverlight 4.
Update
I validate the user on the server side. Currently I store the username and password encrypted on the server side. The reason I need them in the client side is when using the Perpetuum Report Viewer, in the case that the report contains sub-reports or has a drill-through then the user is prompted from their credentials. I don't want the user to need to enter their credentials again, the only way round this is to provide them on the client side.