Xml file (on a server) Based Authentication for a desktop application possible?

I am developing a Desktop application using c#. This application would require users to login before using it .

I plan to have an xml file on a server (which is not public to view) .

When the user logs in to the application using a username and password it would check with the xml file Online for th开发者_JAVA技巧e information and allow the user to proceed .

This is my approach and have not started coding it yet . I would like to know if this is good enough an approach or are there are any other approaches that are better and more feasible ?

Please change the tags associated with the question if anyone feels they are not the right ones ..

thanks

EDIT 1.

I would add another level of username password to use that xml file online .. One that only the application would know

---

You can create a WCF Service around your XML-File to authenticate the users. That way, you don't need to expose the file to the public.

---

It could be, depending on your exact scenario and requirements. A couple of things you may want to think about:

1. Consider storing hashes of the password in the database rather than the password itself. (And then send the hashed password over the wire rather than the password itself.) That way, if either your database or connection are ever compromised, you won't be exposing passwords.
2. Consider sending the authentication data over an SSL connection so it cannot be seen by eavesdroppers. (Especially if you choose to send raw passwords over the wire.)