473,324 Members | 2,254 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Where to store DB Name and Password

Hi, I've got a SQL Server backend where I'm testing a new app and I'm
currently storing the DB name and password in a table. I suppose this
is secure to some extent, but what would you recommend, or is this the
defacto location for this type of data?

~Paul

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 18 '05 #1
3 1228
If you are talking about asp.net app with a sql server backend, then the
recommended place to store this information is in the web.config file.

HTH
"Paul" <do*****@paulNOSPAMMERleblanc.net> wrote in message
news:uL****************@TK2MSFTNGP12.phx.gbl...
Hi, I've got a SQL Server backend where I'm testing a new app and I'm
currently storing the DB name and password in a table. I suppose this
is secure to some extent, but what would you recommend, or is this the
defacto location for this type of data?

~Paul

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 18 '05 #2
This kind of information is commonly stored in web.config.
If you don't feel that's secure enough, you can store your password
encrypted in the registry.
Here's more information:
http://msdn.microsoft.com/library/de...itysection.asp

--
I hope this helps,
Steve C. Orr, MCSD
http://Steve.Orr.net
Hire top-notch developers at http://www.able-consulting.com

"Paul" <do*****@paulNOSPAMMERleblanc.net> wrote in message
news:uL****************@TK2MSFTNGP12.phx.gbl...
Hi, I've got a SQL Server backend where I'm testing a new app and I'm
currently storing the DB name and password in a table. I suppose this
is secure to some extent, but what would you recommend, or is this the
defacto location for this type of data?

~Paul

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 18 '05 #3
I would recommend use Windows Authentication in your connection string, that
way you don't have to store the username and password in Web.Config

This is a great check list for those kinds of security issues
http://msdn.microsoft.com/library/de...CL_SecuAsp.asp
--
Abdellah Elamiri
..net Developer
Efficacy through simplicity
"Paul" <do*****@paulNOSPAMMERleblanc.net> wrote in message
news:uL****************@TK2MSFTNGP12.phx.gbl...
Hi, I've got a SQL Server backend where I'm testing a new app and I'm
currently storing the DB name and password in a table. I suppose this
is secure to some extent, but what would you recommend, or is this the
defacto location for this type of data?

~Paul

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!

Nov 18 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

12
by: Pat A | last post by:
We have a dilemma. We are storing our database password in an include file that resides outside of the web root. The password is in plain text. So, no one can get that password because it can't...
3
by: faktujaa | last post by:
Hi, Currently im storing the connection info. in XML file on the C drive. the only problem with this is that anybody can open and check the database name. I know encryption can solve this problem...
10
by: Dica | last post by:
i've got an app that needs to connect to sql server and login with a useName/password. currently, my app saves this info in an XML file in plain text (i.e. no encryption). everytime the app is...
5
by: Guadala Harry | last post by:
What are my options for *securely* storing/retrieving the ID and password used by an ASP.NET application for accessing a SQL Server (using SQL Server authentication)? Please note that this ID and...
3
by: Paul | last post by:
Hi, I've got a SQL Server backend where I'm testing a new app and I'm currently storing the DB name and password in a table. I suppose this is secure to some extent, but what would you recommend,...
3
by: Darren Clark | last post by:
Basically i am curious as to where everyone stores there database details for ASP.NET apps? When developing controls i usually stored it in the web.config file. Then i move it to a internal...
6
by: ad | last post by:
We usually store the connection string of Web Applicaiton in Web.Config. Now I want to develop WinForm Application. Where is the better place to store the conneciton string?
4
by: Mark R. Dawson | last post by:
Hi all, I have a configuration file that is storing sensative data, like db passwords etc. I want to encrypt the file so that people can not see the contents. What are the standard practices for...
8
by: Merk | last post by:
I'm looking for a safe and maintainable way to store connection string info (connecting to SQL Server 2005 from .NET 2.0 Windows Forms client app); things like server name or IP address and...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.