I would like to transfer user name and password information from one process to another process running on the same server in Windows. What is the best approach to achieve this transfer in a secure way? One simple approach is to copy the passwords to a file and then have the other process read from a file and then delete the file once it is read. Though this is simple I am concerned if it is secure though since it is still possible for someone to gain access to this file even though it lives only for a short period of time & also has the possibility of the file being left out if the other processes errors out or crashes. IPCs like sockets and named pipes seems to be an overkill for this problem. I am more inclined towards using memory mapped files as explained in this link below which talks about sharing memory across processes. Is this the right approach? Also, is it a good idea to fill the memory with dummy data prior to freeing/erasing to prevent rouge processes from scavenging data from this memory location?
http://msdn.microsoft.com/en-us/library/aa366551(VS.85).aspx