Encrypting Connection String
From: paul reed (prreed@jacksonreed.com)
Date: 12/29/02
- Next message: th: "Re: Encrypting Connection String"
- Previous message: Beth Breidenbach: "Re: Forms authentication does not work......"
- Next in thread: th: "Re: Encrypting Connection String"
- Reply: th: "Re: Encrypting Connection String"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "paul reed" <prreed@jacksonreed.com> Date: Sat, 28 Dec 2002 21:31:11 -0800
I currently keep my connection string in web.config as clear text. Prior to
going to production I want to encrypt this string and then after retrieving
it at app startup I want to decrypt it.
I don't want to use the registry to store the encryption key or the
encrypted string...there are many suggestions out there but all point to the
evils of having to store the encrypt key somewhere (so you can decrypt the
connection string at a latter time). One thread I found say to create a
one-way hash...but of course no sample code along with that suggestion.
Can anyone point me in the right direction. I have checked all the sample
MSDN applications (Duwamish, etc...) and they all say, "...now in a real
application, you should encrypt either the whole connection string or at
least the password"...so they offer no code to do this.
What is the best approach?
Thanks in advance.
- Next message: th: "Re: Encrypting Connection String"
- Previous message: Beth Breidenbach: "Re: Forms authentication does not work......"
- Next in thread: th: "Re: Encrypting Connection String"
- Reply: th: "Re: Encrypting Connection String"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
