by an third party or any other individual who is responsible to handle the
server. As your site is handled or manage by another person it can be possible
for that person to view your connection string and can make changes to the
same. So in order avoid this we need to encrypt your connection string.This can be achieved by using aspnet_regiis tool provided by the ASP.NET.
It’s a very simple 3 steps process.
Step 1:- Let first define the connection string in web.config file like below
<add name=”Constr” connectionString=”Data Source=localhost;Initial Catalog=YourDataBaseName; Integrated Security=True”/>
In the above snippet code you can see that the connection string easily
visible by anyone because it is in decrypted format. Hence to prevent or protect the connection string we need to encrypt connection string in such a way that it is not visible to anyone.
Step 2: – Just go to Visual Studio Command Prompt and use spnet_regiis tool to encrypt the defined connection string like below diagram.
Now just execute the Visual Studio Command Prompt and if the encryption is done successfully a message will be displayed like below diagram.
Step 3:- Go to web.config file and you will see that connection string is
now in encrypted format like below diagram.
You will be also interested in watching the below video, which are also
asked in most of the interviews and favourable question of interviewers.
Please click here to see more ASP.NET and .NET interview questions