My problems is as follows. I use a SQL Server 2008 database. I don’t

Question

0

Asked: May 27, 20262026-05-27T09:15:59+00:00 2026-05-27T09:15:59+00:00

My problems is as follows. I use a SQL Server 2008 database. I don’t

0

My problems is as follows. I use a SQL Server 2008 database. I don’t want to put db passwords in plain text on my configuration. I know that there is an option to encrypt the app.config like the following article explains, but in my case I don’t think it is sufficiently secure. Someone proposed that I will try to search for a way to use client side certificates to connect the database. I could not find a way to do it and appreciate your help here.

Many thanks,
ikaso

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T09:16:00+00:00

Editorial Team

2026-05-27T09:16:00+00:00Added an answer on May 27, 2026 at 9:16 am

Based on comments to the quesion..

If you use “Windows Authentication” then no passwords are needed.

The credentials are taken from the token of the logged in user. The “logged in” user can be

A human using some app
IIS App Pool credentials
Windows Service credentials

So the password entry is done when configuring IIS or the service, or when the human logs in.

This assumes a domain of course…

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

My problems is as follows. I use a SQL Server 2008 database. I don’t

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply