Encrypting Connection Strings in Web.config (2 tags)
One of the best practices in ASP.NET is to save your database connection strings in the Web.config file instead of hard-coding it in your code. It's not such a good idea to save your connection strings as plain text in Web.config you should ideally encrypt the connection strings so it leaves no chance for a potential hacker to easily get more information about your database server. In ASP.NET 2.0, Microsoft has taken this further by allowing you to encrypt the connection strings in Web.config, all without much plumbing on your part. In this new article by Wei-Meng Lee, he shows you how it works!