connectionString security
Posted: Thu 11 Mar 2010 20:46
Hello,
How can be a ConnectionString stored safely? If it is stored in the source code, it can be disassembled e.g. by the Reflector software. If I store it in the proper session of the app.config, then the encripting process should be done on that computer, which I want to use. So the decrypted data have to be put on that computer. If I apply my own encrypt/decrypt processes, the key can be read again, when the code is disassembled. If I use public key, the data can be decoded.
What do you advise me to solve this problem?
The advices of Google and MSDN lead me till this point. I didn't find anything related neither on the Devart's homepage, nor in the forums, maybe I was not careful enough.
Best regards,
Imre
How can be a ConnectionString stored safely? If it is stored in the source code, it can be disassembled e.g. by the Reflector software. If I store it in the proper session of the app.config, then the encripting process should be done on that computer, which I want to use. So the decrypted data have to be put on that computer. If I apply my own encrypt/decrypt processes, the key can be read again, when the code is disassembled. If I use public key, the data can be decoded.
What do you advise me to solve this problem?
The advices of Google and MSDN lead me till this point. I didn't find anything related neither on the Devart's homepage, nor in the forums, maybe I was not careful enough.
Best regards,
Imre