Hi Everyone,
I had my windows app just how I wanted it, using the Enterprise Library to connect to a SQL database using a connection string stored in the app.config file. Then I realised that it was storing the sensitive connection string as plain text in the appname.exe.config file!
So I've seen that the idea is that you encrypt/decrypt the connection string section of the app.config file. And I've seen what look like some pretty decent links to examples showing how to toggle encryption (http://msdn2.microsoft.com/en-us/library/89211k9b(VS.80).aspx).
But can someone explain at a higher level at what point we encrypt and decrypt? Am I right in thinking that I should encrypt the connection string at design time, then decrypt at runtime? Sorry if I'm being slow here, but I just don't quite see how to apply this encryption toggling code. Any hints would be gratefully received! Thanks,
Tom