How secure is the username and password in the connection string?

Question

How secure is the username and password in the connection string?

when developing Windows applications:

How can I protect the username and password in the connection string?
Organizations such as banks, did they give out the username and password of their database to application developers? if not typical, how do application developers write database connections?
What is the industry standard for protecting user and password in connection string?

thanks

+4

c # database sqlconnection ado.net

sniff_bits Jan 24 '14 at 7:40

source share

4 answers

app.config , web.config. MS .

<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
  <EncryptedData>
    <CipherData>
      <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAH2... </CipherValue>
    </CipherData>
  </EncryptedData>
</connectionStrings>

+1

vikky 24 . '14 7:47

MSDN:

ASP.NET 2.0 , , . ASP.NET, Windows. . .

connectionStrings , . ConfigProtectionProvider , . EncryptedData .

 <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
  <EncryptedData>
    <CipherData>
      <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAH2... </CipherValue>
    </CipherData>
  </EncryptedData>
</connectionStrings>

,.NET Framework CipherValue . . MSDN, , :

0

Erwin 24 . '14 7:43

.

Example SqlCommand command = new SqlCommand ("select * from Login where Username = @name", conn); command.Parameters.Add (new SqlParameter ("@name", uname.txt)); .

0

user3229034 Jan 24 '14 at 7:45

source share

Joe · Accepted Answer · 2014-01-24T08:07:52+0000

How do I protect the username and password in the connection string?

Windows, , :

, . .
, . ACL.

, (, ASP.NET), . , .

, : . , , .

2. , , ? , ?

/. .

3. ?

" ", . 1.

How secure is the username and password in the connection string?

More articles: