Encrypt password in.config app

Asked

Viewed 177 times

0

Hello, people I am with the following situation I made an application and some connections I made via visual C# Only it created a file calling app.config with the connection information as below

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <configSections>
    </configSections>
    <connectionStrings>
        <add name="_4Award.Properties.Settings.controleBDConnectionString"
            connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString1"
            connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString2"
            connectionString="Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
        <add name="_4Award.Properties.Settings.controleBDConnectionString3"
            connectionString="Provider=Microsoft.ACE.OLEDB.12.0;Data Source=|DataDirectory|\controleBD.accdb;Jet OLEDB:Database Password=base1"
            providerName="System.Data.OleDb" />
    </connectionStrings>
    <startup> 
        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/>
    </startup>
</configuration>

I was wondering if there’s any way to encrypt the password to look like this in another application

<connectionStrings>
    <clear />
    <add name="CONNECTION_SQLSERVER" connectionString="Data Source=PARKING-PC\PONTOSQLEXPRESS;Initial Catalog=ACESSOBD;User Id=DEFAULT_ACESSO;Pooling=true;Min Pool Size=1;Max Pool Size=60;Password=" />
    <add name="PASSWORD_CONNECTION_SQLSERVER" connectionString="CGCCTKQ" />
  </connectionStrings>
c# visual-studio

  • It depends on how you are using the Connection string. You have the code that makes use of it?

  • I will take a look at the project and then put, as I said I made this connection via Wizard of Visual Studio C# to speed up the creation of the application, but I found this security flaw for the program I created

1 answer

0

Yes, there is a way. I have already needed to do this, but I did it in the simplest way possible. I set up this whole connection structure via code.

For example, in my app.config or web.config file, I don’t have connectionStrings. To mount I use appsetting, this way:

**<appSettings>
    <add key="Server" value="servidor"/> <!--Servidor-->
    <add key="Base" value="Base"/> <!--Nome da base-->
    <add key="User" value="Usuario"/>    <!--User-->
    <add key="password" value="pp$*#KCMJIIR*@_pLO(#(*"/>  <!--Senha criptografada-->

</appSettings>**

"Data Source={0};Initial Catalog={1};User Id{2};Pooling=true;Min Pool Size=1;Max Pool Size=60;Password={3}"

And via code, I decrypt the password, create the connectionStrings structure and at runtime send to the data access method, or Entity and etc. If it is the best way, do not know, I did what I needed in my project.

  • in my case this app.config file appeared with this information from my conncetion string due to I have created a data set using the visual studio Wizard and I wanted to know if there is any way by Wizard to encrypt at least the password

Browser other questions tagged c# visual-studio

You are not signed in. Login or sign up in order to post.