Secure SQL Server Connection String
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums
Results 1 to 2 of 2

Thread: Secure SQL Server Connection String

  1. #1
    Join Date
    Mar 2010

    Talking Secure SQL Server Connection String

    I am developing a C# Desktop Application that connects to a SQL Server 2005 database hosted on a web server. The desktop application will be deployed on user pc's throughout the country. I am looking for a secure connection string for the code to connect to sql server 2005 through the c# desktop application. I would like to protect the database user name and password as much as possible.

    Assuming that someone is sniffing the connection string through the user pc what is the best way to secure the connection string so that it is not read in plain text.

    This is what I have currently put together based upon information I read on a MS web site:

    Data Source=XXXXXXXX;Initial Catalog=BaseXXX;Encrypt=True;Persist Security Info=False;Trusted_Connection=sspi;" +
    "User ID=sa;Password=XXX")

    Thank You


  2. #2
    Join Date
    Nov 2002
    .NET 3.5 VS2008

    Re: Secure SQL Server Connection String


    I would recommend exposing the data via a web service (check out ADO.NET Data Services or WCF Data Services, not a lot of work involved). Or re-defining the application as web application.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Windows Mobile Development Center

Click Here to Expand Forum to Full Width

This is a survey!

HTML5 Development Center