Home/ Questions/Q 7836271
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T14:03:56+00:00

just want to ask what would be the best way to hide sensitive data

  • 0

just want to ask what would be the best way to hide sensitive data (ftp accounts, database connectionstring, etc) in .Net desktop applications.. any suggestions please.. 🙂

i was aware of putting data in the application and got in mind that what if the application will be deobfuscated or decompiled the hidden data will be expose.

i tried using Application Settings

Properties.Settings.Default.MyConnectionString = theConString;

but still the data can be seend when decompiled.

any suggestions please.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can encrypt all or part of the app.config file. This is particularly common for protecting database connection strings.

    Here is a detailed article about how to to this. In a nutshell, here is the code from there for encrypting the connection string section in app.config:

    static void ToggleConfigEncryption(string exeConfigName)
{
    // Takes the executable file name without the
    // .config extension.
    try
    {
        // Open the configuration file and retrieve 
        // the connectionStrings section.
        Configuration config = ConfigurationManager.
            OpenExeConfiguration(exeConfigName);

        ConnectionStringsSection section =
            config.GetSection("connectionStrings")
            as ConnectionStringsSection;

        if (section.SectionInformation.IsProtected)
        {
            // Remove encryption.
            section.SectionInformation.UnprotectSection();
        }
        else
        {
            // Encrypt the section.
            section.SectionInformation.ProtectSection(
                "DataProtectionConfigurationProvider");
        }
        // Save the current configuration.
        config.Save();

        Console.WriteLine("Protected={0}",
            section.SectionInformation.IsProtected);
    }
    catch (Exception ex)
    {
        Console.WriteLine(ex.Message);
    }
}
    • 0