8.4. Store a Database Connection String Securely
You need to store a database connection string securely.
Store the connection string in an encrypted section of the application's configuration file.
Protected configuration—the .NET Framework feature that lets you encrypt configuration information—relies on the key storage facilities of the Data Protection API (DPAPI) to store the secret key used to encrypt the configuration file. This solves the very difficult problem of code-based secret key management. Refer to recipe 12-18 for more information about the DPAPI.
How It Works
Database connection strings often contain secret information, or at the very least information that would be valuable to someone trying to attack ...