Re: How to prevent connection string from user?

From: Kevin McDonnell [MSFT] (kevmc_at_online.microsoft.com)
Date: 08/23/04

Next message: Kevin McDonnell [MSFT]: "RE: Slammer variant?"
Previous message: Jasper Smith: "Re: Trace Output in a Table"
In reply to: Dan Guzman: "Re: How to prevent connection string from user?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 23 Aug 2004 17:38:13 GMT

If you want to protect the connection string in your application, you can
encrypt it using DPAPI API, and you can also use SSL encryption to encrypt
the login and data on the wire.

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/secnetlpMSDN.asp

Thanks,

Kevin McDonnell
Microsoft Corporation

This posting is provided AS IS with no warranties, and confers no rights.

Next message: Kevin McDonnell [MSFT]: "RE: Slammer variant?"
Previous message: Jasper Smith: "Re: Trace Output in a Table"
In reply to: Dan Guzman: "Re: How to prevent connection string from user?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Encryption of Connection String
... Do you know what level of encryption IS applied to the connection string? ... > to the SQL Server via SQL authentication the password is only ... Thus you might have made all this effort to encrypt the ... > Authentication is always the preferred option unless you are using ...
(microsoft.public.sqlserver.security)
ConnectionString encryption decryption
... Decrypt function used to encrypt and decrypt the connection string pass to ... at System.EnterpriseServices.Thunk.Proxy.CoCreateObject(Type serverType, ...
(microsoft.public.dotnet.general)
Re: Help Encrypting Connection String
... but I have to do it on SQL Server instead of SQL ... If I'm retrieving the connection string in my own code, ... > in 2.0 you can encrypt nearly all config section out of the box using the ... >> the config file, but .NET 2.0 has more options. ...
(microsoft.public.dotnet.framework.aspnet.security)
Re: connectionstring & web farm
... You can encrypt separately on each machine, but you will have to encrypt ... "hard coded" unless you put source on the web server. ... Registry is an option that is more secure than config, ... web applications which all are using the same connection string. ...
(microsoft.public.dotnet.framework.aspnet)
Re: Encrypt sqlconnectionstring on XML files
... There is such a thing as too much security and Microsoft likes ... If you still need to encrypt the information, ... > on XML configuration files. ... >> Why would you need to encrypt the connection string? ...
(microsoft.public.dotnet.framework.aspnet)