Reputation: 413
I decided to use the ASP.Net Membership for my new web application. In my web config i've setup the connection string and membership provider. What bothers me is that the connection string is in plain text that contains the user and password (integrated security is not possible). Can anyone suggest a best practice solution to make this secure?
Upvotes: 0
Views: 275
Reputation: 9478
You can encrypt connection strings in config files.
Encrypt:
aspnet_regiis.exe -pe “connectionStrings” -app “/DemoApplication”
Decrypt:
aspnet_regiis.exe -pd “connectionStrings” -app “/DemoApplication”
Upvotes: 2