Tom

Tom

  • NA
  • 7
  • 0

Encrypting / decrypting connection string in app.config file

Apr 17 2008 7:41 AM

Hi Everyone,

I had my windows app just how I wanted it, using the Enterprise Library to connect to a SQL database using a connection string stored in the app.config file. Then I realised that it was storing the sensitive connection string as plain text in the appname.exe.config file!

So I've seen that the idea is that you encrypt/decrypt the connection string section of the app.config file. And I've seen what look like some pretty decent links to examples showing how to toggle encryption (http://msdn2.microsoft.com/en-us/library/89211k9b(VS.80).aspx).

But can someone explain at a higher level at what point we encrypt and decrypt? Am I right in thinking that I should encrypt the connection string at design time, then decrypt at runtime? Sorry if I'm being slow here, but I just don't quite see how to apply this encryption toggling code. Any hints would be gratefully received! Thanks,

Tom


Answers (2)