8.4. Store a Database Connection String Securely
Problem
You need to store a database connection string securely.
Solution
Store the connection string in an encrypted section of the application's configuration file.
NOTE
Protected configuration—the .NET Framework feature that lets you encrypt configuration information—relies on the key storage facilities of the Data Protection API (DPAPI) to store the secret key used to encrypt the configuration file. This solves the very difficult problem of code-based secret key management. Refer to recipe 12-18 for more information about the DPAPI.
How It Works
Database connection strings often contain secret information, or at the very least information that would be valuable to someone trying to attack ...
Get Visual Basic 2008 Recipes: A Problem-Solution Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.