views:

351

answers:

3

I have a password that I want to store as property in a Web Part that can be set via the tool pain. Currently it is a String and can be clearly read. How would I go about making it * out? If this is the wrong way to be doing this what would you advice to do instead?

A: 

You can use a ToolPart to create a custom control for saving/reading your data.

http://msdn.microsoft.com/en-us/library/dd584178(office.11).aspx

http://www.sharepointkings.com/2009/04/creating-custom-tool-part.html

JMD
+1  A: 

In the custom ToolPart (mentioned by JMD), set the TextMode attribute on the control used for the password.

<asp:TextBox id="txtPassword" TextMode="password" runat="server" />

This will output asterixes instead of the actual characters when users type.

Alex Angas
A: 

Expanding on Alex's answer - the password will still be stored as plain text in the configuration file and will be easily read if someone uses the UI to export the web part as a dwp file (which is just XML text).

Look at encrypting this password as well, to get you started

How To: Encrypt Configuration Sections in ASP.NET 2.0 Using DPAPI

How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA

Ryan