Encrypt password in App.config

Solution 1

Lets say this is your connection string:

<connectionStrings>
    <add name="cs" connectionString="Data Source=myServerAddress;Initial Catalog=myDataBase;User Id=myUsername;Password=XXSDFASFDKSFJDKLJFDWERIODFSDFHSDJHKJNFJKSD;"/>
</connectionStrings>

Then you can do something like this:

string myCs = System.Configuration.ConfigurationManager.ConnectionStrings["cs"].ConnectionString;

System.Data.SqlClient.SqlConnectionStringBuilder csb = new System.Data.SqlClient.SqlConnectionStringBuilder(myCs);
csb.Password = EncDecHelper.Decrypt(csb.Password);
myCs = csb.ToString();

You can write EncDecHelper.Decrypt by using samples from here: Encrypt and decrypt a string

Solution 2

Use the connectionStrings configuration section and encrypt the whole section - instead of just the password.

This is safer as your app config will no longer have the server names and user names in plain text either.

There are how-to documents for encrypting configuration sections on MSDN for RSA or DPAPI.

Related videos on Youtube

13 : 31

C# Language Tutorial | App.Config File in C# | Connection String in app.config | C# Full Course

BestDotNetTraining

113069

14 : 57

How Do I Encrypt a Connection String? How Do I Protect My Settings in a Desktop Application?

IAmTimCorey

44

06 : 16

How to Encrypt and Decrypt Connection Strings Web.config Using aspnet_regiis.exe

Csharp Space

20

21 : 35

Spring Boot Password Encryption for Application using Jasypt | JavaTechie

Java Techie

15

06 : 03

C# Tutorial In Urdu - How to encrypt and decrypt App.Config and Web.Config Files

ProgramInUrdu

13

19 : 38

How to Encrypt and Decrypt Connection Strings in .Net app.config and web.config Files

Sean MacKenzie Data Engineering

7

05 : 19

C# How to Encrypt or Decrypt Password from Config files

Techiez hub

4

09 : 52

How to Encrypt app.config part 1

Stephen Tung

1

Author by

NDeveloper

Updated on July 09, 2022