Is this a secure way to collect passwords?

Currently, I am using Gamesparks as the backend for my unity game. To do so, I have two input fields (one for username and one for passwords). When each input field is changed, I call the input field specific “On End Edit” (in the editor), and then call a method from my script which stores the variable using setPassword.

public void setPassword(string password){
        this.password = password;
    }

Password is a private variable, but I’m curious if this leaves me susceptible to hackers and if there is a more standard way of securely collecting passwords from input fields. These variables will then be applied to the authentication request method. Is it better to make an overarching method like so, or is that still problematic?

    //username would still be defined in a function above, but does calling this from the input field secure it?
    public void login(string password){
     new AuthenticationRequest()
                .SetPassword(password)
                .SetUserName(userName)
...

Thanks, sorry if I poorly phrased some things :stuck_out_tongue:

This should answer all your questions

Hash them using something like the SHA256 provider and when you have to challenge, hash the input from the user and see if the two hashes match.

byte[] data = System.Text.Encoding.ASCII.GetBytes(inputString);
data = new System.Security.Cryptography.SHA256Managed().ComputeHash(data);
String hash = System.Text.Encoding.ASCII.GetString(data);

There is SecureString for this purpose: SecureString Class (System.Security) | Microsoft Learn