Encrypt password in.config app

Asked

Viewed 177 times

0

Hello, people I am with the following situation I made an application and some connections I made via visual C# Only it created a file calling app.config with the connection information as below

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <configSections>
    </configSections>
    <connectionStrings>
        <add name="_4Award.Properties.Settings.controleBDConnectionString"
            connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString1"
            connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString2"
            connectionString="Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString3"
            connectionString="Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
    </connectionStrings>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/>
    </startup>
</configuration>

I was wondering if there’s any way to encrypt the password to look like this in another application

<connectionStrings>
    <clear />
    <add name="CONNECTION_SQLSERVER" connectionString="Data Source=PARKING-PC\PONTOSQLEXPRESS;Initial Catalog=ACESSOBD;User Id=DEFAULT_ACESSO;Pooling=true;Min Pool Size=1;Max Pool Size=60;Password=" />
    <add name="PASSWORD_CONNECTION_SQLSERVER" connectionString="CGCCTKQ" />
  </connectionStrings>
  • It depends on how you are using the Connection string. You have the code that makes use of it?

  • I will take a look at the project and then put, as I said I made this connection via Wizard of Visual Studio C# to speed up the creation of the application, but I found this security flaw for the program I created

1 answer

0

Yes, there is a way. I have already needed to do this, but I did it in the simplest way possible. I set up this whole connection structure via code.

For example, in my app.config or web.config file, I don’t have connectionStrings. To mount I use appsetting, this way:

**<appSettings>
    <add key="Server" value="servidor"/> <!--Servidor-->
    <add key="Base" value="Base"/> <!--Nome da base-->
    <add key="User" value="Usuario"/>    <!--User-->
    <add key="password" value="pp$*#KCMJIIR*@_pLO(#(*"/>  <!--Senha criptografada-->

</appSettings>**

"Data Source={0};Initial Catalog={1};User Id{2};Pooling=true;Min Pool Size=1;Max Pool Size=60;Password={3}"

And via code, I decrypt the password, create the connectionStrings structure and at runtime send to the data access method, or Entity and etc. If it is the best way, do not know, I did what I needed in my project.

  • in my case this app.config file appeared with this information from my conncetion string due to I have created a data set using the visual studio Wizard and I wanted to know if there is any way by Wizard to encrypt at least the password

Browser other questions tagged

You are not signed in. Login or sign up in order to post.