MattNorman
Well-known member
- Joined
- May 22, 2021
- Messages
- 98
- Programming Experience
- 1-3
I am trying to come up with a solution to handle the first time setup of my application where the user will be prompted for various settings such as database server and credentials.
I am currently doing this by looking for a registry key/value and if not present, I run the setup process on application start.
The issue with my current setup is that any user that has access to the machine that it is installed on, could in theory just delete all of the registry keys to allow them to be able to reconfigure all settings.
This wouldn't necessarily be a concern if they deleted all registry settings as they would have to specify the database server and credentials again. If they however only deleted the registry key for first time setup they could technically run the first time setup and the app would see the existing database settings.
Is there a more elegant way of handling this and preventing unauthorised users from potentially getting on to the app if they somehow gained access to the computer?
The only thing I can think of with my current setup is that if the first time setup reg key is deleted then I prevent my setup form from reading in any existing settings and force them to be entered again.
Appreciate any guidance.
I am currently doing this by looking for a registry key/value and if not present, I run the setup process on application start.
The issue with my current setup is that any user that has access to the machine that it is installed on, could in theory just delete all of the registry keys to allow them to be able to reconfigure all settings.
This wouldn't necessarily be a concern if they deleted all registry settings as they would have to specify the database server and credentials again. If they however only deleted the registry key for first time setup they could technically run the first time setup and the app would see the existing database settings.
Is there a more elegant way of handling this and preventing unauthorised users from potentially getting on to the app if they somehow gained access to the computer?
The only thing I can think of with my current setup is that if the first time setup reg key is deleted then I prevent my setup form from reading in any existing settings and force them to be entered again.
Appreciate any guidance.