You don't. The whole reason for using the SecureString object is to avoid creating a string object (which is loaded into memory and kept there in plaintext until garbage collection). However, you can add characters to a SecureString by appending them.

你没有。使用 SecureString 对象的全部原因是避免创建一个字符串对象（它被加载到内存中并以纯文本形式保存在那里直到垃圾收集）。但是，您可以通过附加字符将字符添加到 SecureString。

var s = new SecureString();
s.AppendChar('d');
s.AppendChar('u');
s.AppendChar('m');
s.AppendChar('b');
s.AppendChar('p');
s.AppendChar('a');
s.AppendChar('s');
s.AppendChar('s');
s.AppendChar('w');
s.AppendChar('d');

I'll throw this out there. Why?

我会把这个扔出去。为什么？

You can't just change all your strings to secure strings and suddenly your application is "secure". Secure string is designed to keep the string encrypted for as long as possible, and only decrypted for a very short period of time, wiping the memory after an operation has been performed upon it.

您不能只是将所有字符串更改为安全字符串，然后您的应用程序突然变得“安全”。安全字符串旨在尽可能长时间地保持字符串加密，并且只在很短的时间内解密，在对其执行操作后擦除内存。

I would hazard saying that you may have some design level issues to deal with before worrying about securing your application strings. Give us some more information on what your trying to do and we may be able to help better.

我冒昧地说，在担心保护应用程序字符串之前，您可能需要处理一些设计级别的问题。向我们提供有关您尝试做的事情的更多信息，我们可能会提供更好的帮助。

I'm agree with Spence (+1), but if you're doing it for learning or testing pourposes, you can use a foreach in the string, appending each char to the securestring using the AppendChar method.

我同意 Spence (+1)，但如果您是为了学习或测试倒姿势而这样做，您可以在字符串中使用 foreach，使用 AppendChar 方法将每个字符附加到安全字符串。

below method helps to convert string to secure string

下面的方法有助于将字符串转换为安全字符串

private SecureString ConvertToSecureString(string password)
{
    if (password == null)
        throw new ArgumentNullException("password");

    var securePassword = new SecureString();

    foreach (char c in password)
        securePassword.AppendChar(c);

    securePassword.MakeReadOnly();
    return securePassword;
}

You can follow this:

你可以按照这个：

string password = "test";
SecureString sec_pass = new SecureString();
Array.ForEach(password.ToArray(), sec_pass.AppendChar);
sec_pass.MakeReadOnly();

unsafe 
{
    fixed(char* psz = password)
        return new SecureString(psz, password.Length);
}

Here is a cheap linq trick.

这是一个廉价的 linq 技巧。

            SecureString sec = new SecureString();
            string pwd = "abc123"; /* Not Secure! */
            pwd.ToCharArray().ToList().ForEach(sec.AppendChar);
            /* and now : seal the deal */
            sec.MakeReadOnly();

If you would like to compress the conversion of a stringto a SecureStringinto a LINQstatement you can express it as follows:

如果你想把 astring到 a的转换压缩SecureString成一个LINQ语句，你可以这样表达：

var plain  = "The quick brown fox jumps over the lazy dog";
var secure = plain
             .ToCharArray()
             .Aggregate( new SecureString()
                       , (s, c) => { s.AppendChar(c); return s; }
                       , (s)    => { s.MakeReadOnly(); return s; }
                       );

However, keep in mind that using LINQdoes not improve the security of this solution. It suffers from the same flaw as any conversion from stringto SecureString. As long as the original stringremains in memory the data is vulnerable.

但是，请记住，使用LINQ并不能提高此解决方案的安全性。它与任何从string到 的转换都存在同样的缺陷SecureString。只要原始string数据保留在内存中，数据就容易受到攻击。

That being said, what the above statement can offer is keeping together the creation of the SecureString, its initialization with data and finally locking it from modification.

话虽如此，上面的语句可以提供的是将 的创建SecureString、它的初始化与数据保持在一起，并最终锁定它不被修改。

no fancy linq, not adding all the chars by hand, just plain and simple:

没有花哨的 linq，不是手动添加所有字符，只是简单明了：

var str = "foo";
var sc = new SecureString();
foreach(char c in str) sc.appendChar(c);

There is also another way to convert between SecureStringand String.

还有另一种在SecureString和之间转换的方法String。

1. String to SecureString

1. 字符串到 SecureString

SecureString theSecureString = new NetworkCredential("", "myPass").SecurePassword;

2. SecureString to String

2. SecureString 转字符串

string theString = new NetworkCredential("", theSecureString).Password;

Here is the link

这是链接