Re: SQL Server and ODBC connection strings questions
- From: nate.vu@xxxxxxxxx
- Date: 3 May 2006 00:59:40 -0700
If you don't want the password set in clear text, you can put it in the
Registry (possibly securing it using NT permissions) and then reading
the appropriate registry key from your application.
I also believe that you can set the Client & Server Net Libraries (on
SQL Server 2000, not sure of the 2005 equivalent) to force protocol
encryption so that nothing gets transmitted as plain text. There will
be a performance hit for doing this though as more work has to go into
encryption/decrypting the packets sent across the network.
Hope that helps or sheds a little more light on things.