Web.config and Passwords

[Staffing]

Is there a better way to store data base passwords in web.config file rather
then having them on clear

Jay

 

[S. Justin Gengo]

Staffing,

Here's a great article on how to use hashed passwords in the web.config
file:

http://www.15seconds.com/issue/020305.htm

Sincerely,

--
S. Justin Gengo, MCP
Web Developer

Free code library at:
www.aboutfortunate.com

"Out of chaos comes order."
Nietzche

 

[Jerry III]

Its a lot safer to hash passwords. The only time you can't do it is if you
need to be able to get the password clear text at one point or another, then
you have to encrypt.

Jerry

 

[Staffing]

So I have to write the Encryption / Decryption code ? Or is it a built in
function in .NET. Where do I store the key ? Do I hard code that into the
code ?. Should I just use a 3DES encryption ?

Thanks

Jay