I'm making a distributable DLL plugin for a program I currently use that hosts an API to expand it's functionality. I want to use MySQL in this plugin but I don't want some 10 year old decompiling my plugin and getting my source code.
How can I make sure that the credentials I use for the application will not be compromised? The username and password will only be good for the certain tasks of the app but I still don't want it seen.
... but I don't want some 10 year old decompiling my plugin and getting my source code.
use an obfuscator. but that has nothing to do with securing your db credentials.
here are my suggestions:
Encrypt / encode your credentials (creating a byte array containing the ascii character values of the username/password and use Encoding.ASCII.GetString(bytes) to retrieve the name/pw, is the simplest way, but there are a bit more secure approaches too)
Use a web service instead of a local database (store all data remotely)
If your addin system provides you the facilities to make addin configurations, then provide each user a place to provide a username / password, and create a user and grant access based on those credentials rather than hard coding it.