Password Storing Standard

K

Kit Truong

Hello,

When I'm creating database driven asp applications, I store my constants,
including my connection string to the database within an asp file called
constants.asp. All constants are stored inside asp coding <% ... %> so
people can't save the data through the web.

I've been told this is an insecure way of storing the connect string becuase
my connect string would also store the username and password to connect to
the db.

My question is, what is the current standard for storing an connect string
to a database for asp applications?

Thanks.
 
D

dlbjr

I use the global.asa file for this. It's purpose is to hold constants in application variables.
Yes, There is a level of insecurity in having your connection string here or an asp.
This is fine in most situations. You are limited to your options when your site is on a host server.

If you have exclusive use of a server, you have many other options. A dll with the connection string
can be used to load the connection string on the application start.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,484
Members
44,903
Latest member
orderPeak8CBDGummies

Latest Threads

Top