Exception conditions can be caused by configuration errors, bugs in your code, or malicious input. Without proper exception management, these conditions can reveal sensitive information about the location and nature of your data source in addition to valuable connection details. The following recommendations apply to data access code:
Trap and log ADO.NET exceptions.
Ensure database connections are always closed.
Use a generic error page in your ASP.NET applications.
Place data access code within a try / catch block and handle exceptions. When you write ADO.NET data access code, the type of exception generated by ADO.NET depends on the data provider. For example:
The SQL Server .NET Framework data ...