4

I had done many searches to check how to encrypt SQL connection string in app.config of C# application. I found that using aspnet_regiis is not secure as any one on the client machine can decrypt it if he know what to do, some advised to use web services, I could not find how, can any one give examples please?

Thanks,

Improve this question

1 Answer 1

Reset to default
3

You need to build a layer between your client app and the SQL server. That's a recurring pattern in modern applications.

Create a web service that answers requests from the clients, fetching its data from the sql database. This way, the SQL connection string is never known by the client.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.