Ecrypt password in app.config

Question

I am using Entity Framework to create a SQLServer connection of database with a password:

connectionString="DataSource=|DataDirectory|DB.sdf;Password=abc

How can I protect the password while using Entity Framework?

Nick Jones · Answer 1 · 2012-09-04T10:30:10.077

1

    ConnectionStringsSection oSection = Configuration.ServiceConfiguration.GetConnectionStrings();
    if(!oSection.SectionInformation.IsLocked && !oSection.SectionInformation.IsProtected)
    {
        oSection.SectionInformation.ProtectSection("RSAProtectedConfigurationProvider"); 
        oSection.CurrentConfiguration.Save();
    }

edited Sep 04 '12 at 10:30

answered Sep 04 '12 at 10:23

Nick Jones

6,413
2
18
18

Does this work with entity framework, because the code above will encrypt the connection string. – Alvin Sep 04 '12 at 12:44

score 0 · Answer 2 · answered Sep 04 '12 at 10:28

If you have access to the server, you can use the web config encryption tool from cmd. I create a .bat file in the same folder as my web.config containing:

aspnet_regiis -pef connectionStrings .
aspnet_regiis -pef appSettings .
pause

This will encrypt the connectionStrings whole section and in my case, the appSettings whole section too.

To Decrypt, do:

aspnet_regiis -pdf connectionStrings .
aspnet_regiis -pdf appSettings .
pause

You will need to run this from the server though.

score 0 · Answer 3 · edited May 23 '17 at 12:20

0

You can write EncDecHelper.Decrypt by using samples from here: Encrypt/Decrypt string in .NET

You will find the related information from here: Encrypt password in App.config

edited May 23 '17 at 12:20

Community

1
1

answered Sep 04 '12 at 10:34

Vishal Suthar

17,013
3
59
105

Ecrypt password in app.config

3 Answers3