Last post Mar 11, 2013 02:28 PM by sukumarraju
Mar 11, 2013 02:06 PM|esr124|LINK
My group is getting ready to migrate our current website from ColdFusion to ASP.NET. Currently all database connections are stored within ColdFusion Administrator as Data Sources. When we move to ASP.NET we will have to put the database connection strings
in the web.config file(s). People within the group are worried about plain text passwords sitting in the web.config files. I've read online where people are saying to separate the code from configurations and only apply the passwords for config files when
deploying the application. Is there a best practice when it comes to doing this? We are not a large group, so our process can't be too complicated, but I would like to do something that follows best practices.
Mar 11, 2013 02:28 PM|sukumarraju|LINK
Encrypt the connectionstrings section as explained in my blog article