C# - How to safely store my ConnectionString


In my application I'm currently saving the connection string to the following area:


However I realized that this is bad practice since the connection string can be viewed by the user. I searched around the internet and most answers recommended to save the connection string in my app.config file, however the user can still see the connection string so it's still not safe. I thought about setting my connection string to a string and declaring it every time I startup my program but that seems inefficient.

What is the safest way to save my connection string in order to hide it from the user ? Thank you.

Edit: this is the connection string:


Show source
| c#   | save   | mysql   | connection-string   | app-config   2016-12-31 16:12 2 Answers

Answers to C# - How to safely store my ConnectionString ( 2 )

  1. 2016-12-31 17:12

    What you can do is: Encrypt the connection string in the config file and decrypt it before establishing the DB connection. There is a nice answer of how to do this here: Encrypting & Decrypting a String in C#

  2. 2016-12-31 17:12

    how about if you store the connection elements like (server name, db name , user and pass) in the settings of the projects properties.

Leave a reply to - C# - How to safely store my ConnectionString

◀ Go back