2
Answers

Encrypting / decrypting connection string in app.config file

Tom

Tom

16y
10.2k
1

Hi Everyone,

I had my windows app just how I wanted it, using the Enterprise Library to connect to a SQL database using a connection string stored in the app.config file. Then I realised that it was storing the sensitive connection string as plain text in the appname.exe.config file!

So I've seen that the idea is that you encrypt/decrypt the connection string section of the app.config file. And I've seen what look like some pretty decent links to examples showing how to toggle encryption (http://msdn2.microsoft.com/en-us/library/89211k9b(VS.80).aspx).

But can someone explain at a higher level at what point we encrypt and decrypt? Am I right in thinking that I should encrypt the connection string at design time, then decrypt at runtime? Sorry if I'm being slow here, but I just don't quite see how to apply this encryption toggling code. Any hints would be gratefully received! Thanks,

Tom

Answers (2)