Home/ Questions/Q 8221373
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T13:53:52+00:00

as you guys know that the Hardcoded coding in exe file can easily be

  • 0

as you guys know that the Hardcoded coding in exe file can easily be seen through some Softwares (e.g. code reflector), I want to know whether how can I Hide my connection string having information of sql server username and password to connect to database in windows forms application from being seen through any code reflector so that any one else Except me may never be able to use my application without my permission.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    As commented, you are better off using Integrated Security, however if you are targeting a SQL Server with say Mixed Mode Authentication you could use the Data Protection API to encrypt the connection string in the app.config. Here is a great article on the topic:

    Protecting application secrets, such as database connection strings
    and passwords, requires careful consideration of a number of pertinent
    factors such as how sensitive the data is, who could gain access to
    it, how to balance security, performance, and maintainability, and so
    forth. This article explains the fundamentals of data protection and
    compares a variety of techniques that can be used to protect
    application settings. The author discusses what to avoid, such as
    hiding keys in source code and the use of Local Security Authority. In
    addition, he presents some effective solutions such as the Data
    Protection API.

    Safeguard Database Connection Strings and Other Sensitive Settings in Your Code

    How To: Use DPAPI to Encrypt and Decrypt Data (C#/VB.NET)

    • 0