Post reply

SQL Login Password Encryption

  • March 3, 2010 at 8:42 pm

    #386428

    I have a requirement where my connection string in web.config of IIS will connect to SQL Server with SQL Login so i have to supply the password in the file to connect to sql server .

    I dont want to expose the password in the web.config file ,How i can keep the encrypted form of the password in web.config and that should connect to SQL in normal way?

    Thanks for your time....

  • March 3, 2010 at 11:55 pm

    #1128295

    sqlquery-101401 (3/3/2010)

    I have a requirement where my connection string in web.config of IIS will connect to SQL Server with SQL Login so i have to supply the password in the file to connect to sql server .

    I dont want to expose the password in the web.config file ,How i can keep the encrypted form of the password in web.config and that should connect to SQL in normal way?

    Thanks for your time....

    never faced such a situation & not an expert in this but i think you should use application role.

    Regards,
    Sarabpreet Singh 😎
    Sarabpreet.com
    SQLChamp.com
    Twitter: @Sarab_SQLGeek

  • March 4, 2010 at 12:00 am

    #1128297

    Use SSPI in your web.config, and use an application role, where the ID & Pwd will be save and encrypted in SQL Server.

    -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    This thing is addressing problems that dont exist. Its solution-ism at its worst. We are dumbing down machines that are inherently superior. - Gilfoyle

  • March 4, 2010 at 9:06 am

    #1128555

    Thanks , can you please elaborate on SSPI part?

  • March 4, 2010 at 10:04 pm

    #1128948

    SSPI:

    http://msdn.microsoft.com/en-us/library/aa380493(VS.85).aspx

    -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    This thing is addressing problems that dont exist. Its solution-ism at its worst. We are dumbing down machines that are inherently superior. - Gilfoyle

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply