I'm trying to send multiple email using a gmail email.
MailMessage mail = new MailMessage();
SmtpClient SmtpServer = new SmtpClient("smtp.gmail.com");
mail.From = new MailAddress("gmail email ssl server");
mail.To.Add("email to send to");
mail.Subject = "Test Mail 2.0";
mail.IsBodyHtml = true;
mail.Body = body;
SmtpServer.Port = 587;
SmtpServer.Credentials = new System.Net.NetworkCredential("[email protected]", "My Password");
SmtpServer.EnableSsl = true;
SmtpServer.Send(mail);
It's working well, but as you already know, C# code is retrievable. Do you know a crypted method that gmail will accept as password. So i can store in the code, only the crypted password, my email will still be vulnerable, but a lot less than right now.
When you think about it, it's like how browser's store your password isn't it? Up until February 2020, Google decided plain DPAPI is good enough for that. Of course, as the linked article mention, it became easy picking for password-stealing malware. Technically it's not really a strong concern, reading DPAPI requires running as the same user or elevated ones, so it already has access to other interesting data. You can just keep using DPAPI, indeed, Chrome now encrypted the password instead of using DPAPI but still keep the encryption key through DPAPI, with the decryption procedure clearly described in this StackOverflow answer, malware and password tools were updated just few days after the Chrome update.
So if you want to add a very minimal change, using the DPAPI as it is is usually good enough. Adding another encryption only forces the attacker to decompile your apps to reverse the encryption and your app will still leak the password all over. Otherwise if you absolutely don't want the password exposed, create a webservice and tell your app to call the service instead.