We publish server-side application to our customer workstation and customer’s security guys are concerned

Question

0

Asked: May 19, 20262026-05-19T03:24:15+00:00 2026-05-19T03:24:15+00:00

We publish server-side application to our customer workstation and customer’s security guys are concerned

0

We publish server-side application to our customer workstation and customer’s security guys are concerned about configuration connection strings safety.

Connection strings are stored as plain text right now, but as configuration file is not in the public/shared folder we supposed that workstation security itself is enough.

What are the ways to improve connection strings security further?

It is a big step forward to encrypt password and keep a decryption key on the same workstation? What are the steps we can take to keep connection strings (and alike) information more and more securable?

Thank you in advance!

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-19T03:24:16+00:00

Editorial Team

2026-05-19T03:24:16+00:00Added an answer on May 19, 2026 at 3:24 am

First of all, why do you need to protect connection strings? If you store there user credentials then may be it is better to use “Integrated Security” (if possible)..? In addition you could restrict user rights on database level.

But if you’re sure that you really need to encrypt something in config then check this

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

We publish server-side application to our customer workstation and customer’s security guys are concerned

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply