Data Security in ASP.NET Applications
You've seen how to add code to the existing security framework to add enhanced role-based security and other features. All of that won't do you much good if your website can't protect your data and your users' data. The next section discusses various things you can do to secure the data on which your site operates as well as the data that belongs to your users, such as sensitive information like credit card data and passwords.
Protecting Connection Strings and Web.config Data
Everything that resides in your Web.config file is human-readable text. That means that if anyone were to ever gain possession of your Web.config file, he would be able to read all the sensitive information contained therein.
In theory, ...
Get Microsoft® Visual C#® .NET 2003 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.