S
seguso
Hello,
I have a very simple question I could find nothing about.
When, in a .NET application, I connect to a database with a
ConnectionString like "database=foo; server=220.40.231.2; uid = root;
persist security info= false; pwd=blabla", does my root password
travel in clear-text?
AFAIU, the DB server should first send me its public key, with which I
would encrypt my root passord. Does this really happen under the hood,
or is my password travelling in clear?
I did notice the "encrypt=true" option in the connection string, but
it does not seem appropriate, because I don't need to encrypt all
communication with the DB server -- just the password.
Thank you very much for any reply.
(I am actually using mysql with MySql Connector/Net, but I suppose
this makes no difference. Or does it? )
Maurizio
I have a very simple question I could find nothing about.
When, in a .NET application, I connect to a database with a
ConnectionString like "database=foo; server=220.40.231.2; uid = root;
persist security info= false; pwd=blabla", does my root password
travel in clear-text?
AFAIU, the DB server should first send me its public key, with which I
would encrypt my root passord. Does this really happen under the hood,
or is my password travelling in clear?
I did notice the "encrypt=true" option in the connection string, but
it does not seem appropriate, because I don't need to encrypt all
communication with the DB server -- just the password.
Thank you very much for any reply.
(I am actually using mysql with MySql Connector/Net, but I suppose
this makes no difference. Or does it? )
Maurizio