7

So I have seen some different articles on securing connection strings for ASP.Net applications, but they are all quite dated. I have searched for "Securing Connection String ASP.Net" "Protect Password connection string SQL Server" and other variations and I'm not finding exactly what I'm looking for.

I am specifically using MVC 5. My question is, Is there a method for storing my password outside of the web.config in a manner that is secure so that my password is not in plain text that is easy to implement.

I was assuming that I could connect to my database and through some type of action reset the password using encryption or hashing through the command line. I'm new to this, so be kind. What are my options. I'm assuming there must be a best practice that is not too complex.

I'm connecting to SQL Server 2012 using an MVC 5 (C# in .Net 4.5)

Most of the stuff I found was dated (2007). I did run across something about using Rijndael Example.

Improve this question
0

1 Answer 1

Reset to default
7

You want configuration section encryption, see this article. This is a native option of ASP.NET so it works for MVC too. Note, in case of a web farm scenario you need the same key on every machine in the farm.

Another option could be placing a clear connection string to machine.config (it will auto merge to all configuration files on the box) and restricting file access to it.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

In this topic you'll learn how to place your connection strings within the Web.config file using Visual Studio and a data source control, and how to use the command-line utility, Aspnet_regiis.exe, to encrypt those connection strings for an added layer of security. EXACTLY WHAT I'M LOOKING FOR!
This article link above not resolving

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.