One of the primary places that sensitive information is stored in an ASP.NET application is the Web.config file. To help secure information in configuration files, ASP.NET provides a feature called protected configuration, which enables you to encrypt sensitive information in a configuration file. A configuration file that encrypts the connection string values using protected configuration does not show the connection strings in clear text, but instead stores them in encrypted form.
Integrated Security="True" in web.config file during connection string
what is the best way to encrypt or decrypt conn string?
The Encryption and Decryption of the Web.Config file’s ConnectionStrings section will be performed using aspnet_regiis.exe
aspnet_regiis.exe -pef “Connectionstrings” “D:/Irfan/MySolution/MyProject”.
Here aspnet_regiis is command-pef is Encryption action to be performed.“Connectionstrings” is connection string i.e name of the section Next one is path
This command should be executed in visualstudio commandprompt in visual studio tools
https://www.aspsnippets.com/Articles/Encrypt-and-Decrypt-Connection-Strings-in-WebConfig-file-in-ASPNet.aspx
We can encrypt by using the following command aspnet_regiis.exe -pd "connectionStrings" -app "/VIRTUALFOLDER" You can find more options on this in the following MSDN link https://msdn.microsoft.com/en-in/library/bb986792.aspx
dd