Secure SQL Server Connection String
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 2 of 2

Thread: Secure SQL Server Connection String

  1. #1
    Join Date
    Mar 2010
    Posts
    2

    Talking Secure SQL Server Connection String

    I am developing a C# Desktop Application that connects to a SQL Server 2005 database hosted on a web server. The desktop application will be deployed on user pc's throughout the country. I am looking for a secure connection string for the code to connect to sql server 2005 through the c# desktop application. I would like to protect the database user name and password as much as possible.

    Assuming that someone is sniffing the connection string through the user pc what is the best way to secure the connection string so that it is not read in plain text.

    This is what I have currently put together based upon information I read on a MS web site:

    Data Source=XXXXXXXX;Initial Catalog=BaseXXX;Encrypt=True;Persist Security Info=False;Trusted_Connection=sspi;" +
    "User ID=sa;Password=XXX")

    Thank You

    Frank-

  2. #2
    Join Date
    Nov 2002
    Location
    .NET 3.5 VS2008
    Posts
    1,039

    Re: Secure SQL Server Connection String

    Uhm...

    I would recommend exposing the data via a web service (check out ADO.NET Data Services or WCF Data Services, not a lot of work involved). Or re-defining the application as web application.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width

This is a CodeGuru survey question.


Featured


HTML5 Development Center