Hacker News new | past | comments | ask | show | jobs | submit login

I didn't check but I assume they use SecureString.



I'd be surprised if they did and don't forget that it's serialized/deserialized from something which will be hanging around in the GC in the form of a memory backed stream or something too.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: