I’m working on my first real WinForms application, and my boss has asked that I figure out a way to encrypt the connection string inside the app.config. I’ve read some of the suggestions in other questions about connection string encryption, and I recognize that it isn’t a silver bullet answer to the security/privacy problem. We’ve considered writing web services to retrieve data from the database, but this is a very small project and unfortunately isn’t a priority at this time.

Edit: I left out the detail that I’m working for a state institution (community college) where, because we’re identifying students using a state-mandated private system ID, we need to secure the application in some form or fashion. Students may enter their network IDs to identify themselves (which we need to protect anyway as some students have restraining orders and need much of their records kept private), but many students only know their system IDs (which are always kept private).

Regardless, we’d like to get this process working in conjunction with ClickOnce deployment, but my encryption process crashes the application when I run the ClickOnce executable. Here’s my encryption code (which is lifted from another question here on SO):

public static void EncryptConfigSection(string sectionName)
{
    Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);

    ConfigurationSection section = config.GetSection(sectionName);

    if (section != null)
    {
        if (section.IsReadOnly() == false &&
            section.SectionInformation.IsProtected == false)
        {
            section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");

            section.SectionInformation.ForceSave = true;

            config.Save(ConfigurationSaveMode.Full);
        }
    }

    ConfigurationManager.RefreshSection(sectionName);
}

I’m calling this function from the Main() function in Program.cs, but I’m not sure if this is the appropriate place for it. Additionally, while this function encrypts the app.config correctly, as soon as I exit the application, the app.config decrypts. I feel like I’m missing a piece to the puzzle (or perhaps large swaths of the puzzle).

Can anyone offer me some insight into these problems? I’d like to reiterate that I recognize that web services are the end goal here, so if this is just not a solvable problem using CLickOnce, then I’m willing to suggest that we prioritize writing web services now.