Creating Encrypted Configuration Sections
If you need to protect sensitive information stored in a configuration file, you can encrypt the information. For example, you should always encrypt the connectionStrings
section of a configuration file to prevent your database connection strings from being stolen by unauthorized intruders.
You can encrypt just about any section in the web configuration file. You can encrypt any of the sections in the system.web
section group with the sole exception of the processModel
section. You also can encrypt a custom configuration section.
The .NET Framework uses the Provider Model for encrypting configuration sections. The Framework ships with two ProtectedConfigurationProvider
s: the RsaProtectedConfigurationProvider ...
Get ASP.NET 4 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.