March 9th, 2010, 09:01 PM
Secure SQL Server Connection String
I am developing a C# Desktop Application that connects to a SQL Server 2005 database hosted on a web server. The desktop application will be deployed on user pc's throughout the country. I am looking for a secure connection string for the code to connect to sql server 2005 through the c# desktop application. I would like to protect the database user name and password as much as possible.
Assuming that someone is sniffing the connection string through the user pc what is the best way to secure the connection string so that it is not read in plain text.
This is what I have currently put together based upon information I read on a MS web site:
Data Source=XXXXXXXX;Initial Catalog=BaseXXX;Encrypt=True;Persist Security Info=False;Trusted_Connection=sspi;" +
March 10th, 2010, 06:19 AM
Re: Secure SQL Server Connection String
I would recommend exposing the data via a web service (check out ADO.NET Data Services or WCF Data Services, not a lot of work involved). Or re-defining the application as web application.
Click Here to Expand Forum to Full Width
This is a CodeGuru survey question.