INTERNET APPLICATION DEVELOPMENT
MID MARKET ERP DEVELOPMENT
By Jacky Xu
Some sensitive information on web projects, such as database connection strings, are usually saved in unencrypted web.config files. The security of these files is always poor, because if an unauthorized person opens the files, he will see the database log-in info.
Revealing data is a danger to the safety of the database. I found a solution from Microsoft to encrypt web.config files, “Walkthrough: Encrypting Configuration Information Using Protected Configuration” at http://www.codepartners.com/LinkClick.aspx?link=http%3a%2f%2fmsdn.microsoft.com%2fen-us%2flibrary%2fdtkwfdky(v%3dvs.100).aspx&tabid=110&portalid=0&mid=622.