Saving connectionstring the secure way

Hot Topic

using XML to generate GUI?
64 Bit Local Debugger on Whidbey FINAL
Can't Add Reference to DLL
Failed to access IIS metabase
.NET 1.1 & SQLEXPRESS
Data Access Application Block - Return_Value Issues
webservice error
The GC is not Disposing the object.
Possible to pass System.Type and then cast an Object?
Return list of Group Roles that a user is a member of

.NET Development

Passing reference values to C++ functions
Web Form with just a TextBox and a Button
Can XmlWriter validate against schema also? (.NET 2.0)
Launching a COM server from a service on WinXP 64-bit
Windows Service using Sockets
How can I make VS 2005 use .net 1.1 Framework?
How to delete a line from a text file using C#
Error adding web service reference
How to Log File Reads on Server Share
WSE/DIME - ResponseSoapContext.Current = <undefined value>

Saving connectionstring the secure way

Hello,
I want to save my connectionstring engrypted in the my.settings system. I know how to save settings and how to deal with a connectionstring, but I have no idea how to encrypt my connection string so that nobody can see the the password.

I hope you can help me.
Thank you

Answer this question

Saving connectionstring the secure way

  • farukh

  • borba777

    Eeee, this will onyl encode the string, not encrypt it.

  • ctimko

    Tim,

    You can encrypt your connection string using System.Convert.ToBase64String(data).

    This should help you to convert a simple text into encrypted format.

    For Example :

    value = "data source = datasource;initial catalog=dbname;user id=sa;password=password"

    OUTPUT

    value = RGF0ZXSBTb3VyY2U9STJUTVRFU1Q7dXNlciBpZD12Zm9sbG93dXA7cGFzc3dvcmQ9Zm9sbG93MTIzNA==

    I hope this helps

    Regards,

    Agam



  • stephan mantler

    Ooops my bad.. It should be encoding and not encrypting.

    Well you can use System.Security.Cryptography namespace for encryption.

    Check out this article

    http://msdn.microsoft.com/msdnmag/issues/04/11/CryptoUtility/

    I guess this should give you a start.



  • gotelin

    The link in Miha's first post has a good discussion of encryption issues specific to connection strings and other database concerns. It also provides a link to another document that references another link that covers the topic: http://msdn.microsoft.com/library/default.asp url=/library/en-us/dnnetsec/html/SecNetch12.asp.

    This article also talks specifically about connection strings, and gives examples on different ways to encrypt them. It also include further references to new functionality in ASP.NET 2.0.

    Thanks,

    Sarah



  • Saving connectionstring the secure way
Answer this question