Hi All,
Using ASP.Net we are storing the SQL Server name and database name in the appSettings section of the web.config file. How do you folks go about making sure this info is secure.
Should I tell my users the need to give the aspnet user access to the database and use NT Authentication exclusivly. Or, should I have them put a username and password in the config file? If they do this, how secure is it.
What about impersonation? It seems, if I need a username/password of a windows user, this is just the same as storing the sql username/password.
Thanks,
BOb
Next
Reply
View the map of this thread
View the map of this thread starting from this message only
View all messages of this thread
View all messages of this thread starting from this message only