How to follow the best way to secure connection strings in an ASP.NET web application?

 Posted by Tripati_tutu on 11/18/2010 | Category: ASP.NET Interview questions | Views: 2981 | Points: 40

• When you are working with ASP.NET applications, you should always store the connection strings in Web.config file. This is very secure. No user has rights to access web.config file from the browser.

• Store the connection strings as encrypted format in the configuration file.

• Don't store the connection strings in .aspx page.

• It is not recommended to set connection strings as declarative properties of the SqlDataSource control or some other data source controls.

Asked In: Many Interviews | Alert Moderator 

Comments or Responses

Posted by: Charan on: 12/5/2010 | Points: 10
always best place to store connection strings in a web.config file., its a good place for secure connection.

Login to post response