Security issues in accepting passwords vs auto generating the password
Posted
by
Vivekanand Poojari
on Stack Overflow
See other posts from Stack Overflow
or by Vivekanand Poojari
Published on 2011-01-01T10:23:41Z
Indexed on
2011/01/01
10:54 UTC
Read the original article
Hit count: 160
security
Hi,
I am developing a console application. This application generates a self signed certificate and installs it in the current machine's certificate store.
The steps invlolved are :-
Generate a certificate
Create a pfx file
Install the pfx file
For these steps i would need a password for protecting the private key and the pfx file.
However these passwords are used only during the execution of the exe.
Should I auto generate a password using some random number generation algorithm or accept the password as input from the user?
What are the security issues involved in both the scenarios ?
Thanks
Vivekanand
© Stack Overflow or respective owner