Encrypt sqlconnectionstring on XML files

  • Thread starter Luis Esteban Valencia
  • Start date
L

Luis Esteban Valencia

Hello I want to encrypt the sqlconenction string on the xml
configuration files.

The problem is the following
I have an application at my company that accesses a sql server local
database. this database connection string is in a file called appconf.xml
in my class library called DataAccessLogicLayer.

If I encrypt the connection string what should I do when I deploy to
customer? how should they change the connection string if that XML file is
encryped.
 
P

Peter Rilling

Why would you need to encrypt the connection string? If you use a trusted
connection (meaning now username and password is stored in the string), then
there is no private information that needs to be encrypted.
 
P

Peter Rilling

I see your point. Okay, here is my take on that information. It is going
overboard. There is such a thing as too much security and Microsoft likes
to place all information in an envelop, which is placed in a box, wrapped
with a chain and a pad lock, placed in a safety deposit box in a bank, where
the entire bank itself is placed in a mile thick vault, finally dumped in
the deepest part of the ocean.

You don't what to expose passwords, but if you just use a trusted connection
then securing it is not really important. The name of the database is not
secret, in my opinion.

If you still need to encrypt the information, this article might get you
started --
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT09.asp.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,480
Members
44,900
Latest member
Nell636132

Latest Threads

Top