Encrypt connectionStrings section of web.config
<add name="ConnString" connectionString="Data
Security=True;User Instance=True" />
The easiest way to encrypt the <connectionStrings> section is to use the aspnet_regiis command-line tool.
This tool is located in the following folder:
Executing the following command encrypts the <connectionStrings> section of a Web.Config file
located in a folder with the path c:\Websites\MyWebsite:
aspnet_regiis -pef connectionStrings "c:\Websites\MyWebsite"
The -pef option (Protect Encrypt Filepath) encrypts a particular configuration section located at a particular path.
You can decrypt a section with the -pdf option like this:
aspnet_regiis -pdf connectionStrings "c:\Websites\MyWebsite"
ASP.NET page can read the value of the connection string by using the <%$ ConnectionStrings:ConnString %> expression
Revision number 1, Thursday, March 11, 2010 8:51:40 PM by nimish_soft
This is not the most up to date version of this article. The most recent version can be found here.
You must Login to comment.
Thu, Mar 11, 2010 11:10 PM
Sounds good. Can i use the connectionstring as a string variable in code behind after encrypted? or do i need to decrypt in code behind?
Sat, Mar 27, 2010 2:48 AM
There is no need to decrypt for using the encrypted session. If you want to edit then you want to decrypt... nice one
Wed, Aug 22, 2012 2:41 PM
Encrypt & Decrypt ConnectionString Section
Encrypt & Decrypt ConnectionString Section Sometimes we need to secure ConnectionString to prevent anyone can knows it. whatever your purpose from securing ConnectionString, there is a way to Encrypt and Decrypt ConnectionString by special codes as we