Re: web.config - Passwords Clear Text

From: Matjaz Ladava (matjaz_at__nospam_ladava.com)
Date: 05/27/03

• Next message: Matjaz Ladava: "Re: NTLM Hash in ASP.NET"
• Previous message: Mary Chipman: "Re: web.config - Passwords Clear Text"
• In reply to: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Next in thread: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Reply: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 27 May 2003 20:40:25 +0200

Just to suplments/correct. This won't help in <identity impersonate>
section, because you can't specify passwordFormat like in <user> section.
See
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfidentitysection.asp
on how to secure <identity> Element.

Regards

Matjaz Ladava

"Mary Chipman" <mchip@nomail.please> wrote in message
news:mab7dvg8vd2qg6emeqpei8smj8lapbb0nj@4ax.com...
> Yes -- look for the HashPasswordforStoringinConfigFile method in the
> Help file. It's available in both 1.0 and 1.1.
>
> -- Mary
> MCW Technologies
> http://www.mcwtech.com
>
> On Mon, 26 May 2003 10:58:22 -0700, "Sanka" <loonysan@mailcity.com>
> wrote:
>
> >Hi all,
> >
> >Is there a way to encrypt the passwords which are
> >appearing in the Config file.
> >
> >In the web.config file, for the identity tag we are
> >setting impersonate=true and giving a UserName and
> >Password. Currently the password is in clear text. Is
> >there a way to encrypt the password and give it in
> >web.config file.
> >
> >Thanks for your thoughts.
> >
> >Cheers,
> >Sanka
>

• Next message: Matjaz Ladava: "Re: NTLM Hash in ASP.NET"
• Previous message: Mary Chipman: "Re: web.config - Passwords Clear Text"
• In reply to: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Next in thread: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Reply: Mary Chipman: "Re: web.config - Passwords Clear Text"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Cannot open encrypted file after changing password ... Regards ... Mark Dormer ... >I have two files encrypted by checking the "Encrypt contents to secure ... (microsoft.public.windowsxp.security_admin) Re: web.config - Passwords Clear Text ... but only in .NET Framework 1.1. ... Regards ... Matjaz Ladava ... > Is there a way to encrypt the passwords which are ... (microsoft.public.dotnet.framework.aspnet.security) Re: simple data encryption algorythm? ... pass a string to encrypt it. ... >> does anybody know any simple and FAST algorythm to encrypt data in the ... > How secure should it be? ... (microsoft.public.fox.programmer.exchange) RE: local admin account password ... > encrypt the database and create alerts in the event of unsuccessful ... >> no more recovery console and don't think cached logins will work. ... >> The DB file would be encrypted with EFS so only the limited user SQL ... >> itself doesn't really need to be secure as the authentication is based ... (Focus-Microsoft) RE: local admin account password ... > Subject: local admin account password ... > secure it. ... > and then encrypt the file (PGP or something like it with the private ... (Focus-Microsoft)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint