dotnet security:
re: con strings
The threat model is, that if you somehow can view the config file (via a
directory traversal attack or simply a too loose ACL on the file) - you can
only see the encrypted string. To decrypt it, you need to be able to execute
code on that machine - which is most often more difficult.
Encrypting con strings mostly makes sense in server scenarios - in client
apps it is not really protecting anything because if the app (running in
user context) can decrypt the data - the user can do it too.
You mean Windows auth in general - or for database??
Well - i guess the main reasoning behind that is that you don't have to deal
so much with passwords (e.g. do you own storage and you get rid of them in
con strings)
HTH
dominick
[quoted text, click to view] > Hello,
>
> I have read several articles about encrypting db connection strings
> and I do not really understand the fundamental reason behind this.
>
> Most articles advocate the use of DPAPI, which takes care of key
> management tasks. However, if the machine where the software runs is
> compromised, the attacker can decrypt the connection string and
> connect to the database, can't he ?
>
> I have also read that Windows authentication is preferred to
> conventional user/password authentication. What are the main reasons
> for this ?
>
> Finally, is encrypting connection strings only relevant in the web
> server context (most articles refer to the ASP.NET environment) or
> should it be generalized to any server or application accessing a
> database ?
>
> Thank you for your time and I 'd like to apologize if some readers
> find these questions somehow naive :)
>
> letibal
>
