I wrote WinForm application using C#. The application needs to be connected to a database, so it contains code such:
String connstring = String.Format("Server={0};Port={1};" +
"User Id={2};Password={3};Database={4};",
"localhost", "3456", "username",
"password", "databasename" );
That means that the user and the password of the database server is included internally in the application. I think this is not a secure way. Is there any way can give more security?
You could add an encrypted connection string to your app.config.
For more information : Securing Connection Strings