Ask a Question related to ASP.NET Security, Design and Development.

  1. A.M #1

    Default Database Password

    Hi,

    We have a web server running ASP.NET app in DMZ zone provided by Cisco PIX
    firewall.
    The web application is sending user id and password to the database server.
    What is the best practice to make the connection string secure?

    Thanks,
    Ali


    A.M Guest
    Reply With Quote Reply With Quote

    2. Similar Questions and Discussions

    1. How to secure database password? (was Perl/DBI newbie: password storage / security question)
      Zedgar, You are chasing the yourself into circles. Security is dictated by circumstances and resources available. In our case, we had plenty of...
    2. suddenly asked for database password
      I changed my Ms access database into a arial unicode one and the next time i tried to upload it or see a page which use the website i get the...
    3. Connect to database using encrypted password
      I'm needing to connect to a database manually (not using cfquery). However I'm not wanting to hardcode the password into the file. I have a...
    4. How to secure database password? (was Perl/DBI newbie: password storage / security question)
      Hello, Many thanks to R. Joseph Newton, Motherofperls, essential quint and Chuck Fox for answering my questions, however it is still not what I...
    5. How to secure database password? (was Perl/DBI newbie: password stora...
      The only solutions I've discovered is: ( for less secure tables) 1. Crypt the password 2. Put it into directory not in the public domain 3. Set...
  2. Steve C. Orr, MCSD #2

    Default Re: Database Password

    You can store your password encrypted in the registry.
    Here's more information:
    [url]http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpgenref/html/gngrfidentitysection.asp[/url]

    --
    I hope this helps,
    Steve C. Orr, MCSD
    [url]http://Steve.Orr.net[/url]
    Hire top-notch developers at [url]http://www.able-consulting.com[/url]



    "A.M" <IHateSpam@sapm123.com> wrote in message
    news:%23RMVoR$dDHA.3024@tk2msftngp13.phx.gbl...
    > Hi,
    >
    > We have a web server running ASP.NET app in DMZ zone provided by Cisco
    PIX
    > firewall.
    > The web application is sending user id and password to the database
    server.
    > What is the best practice to make the connection string secure?
    >
    > Thanks,
    > Ali
    >
    >

    Steve C. Orr, MCSD Guest
    Reply With Quote Reply With Quote
  3. Jerry III #3

    Default Re: Database Password

    Do not store the actual password. Store a hash instead. Unless you're
    talking about the connection password, in that case you should use Windows
    authentication so the password would not be sent (and encrypt the
    connection).

    Jerry

    "A.M" <IHateSpam@sapm123.com> wrote in message
    news:%23RMVoR$dDHA.3024@tk2msftngp13.phx.gbl...
    > Hi,
    >
    > We have a web server running ASP.NET app in DMZ zone provided by Cisco
    PIX
    > firewall.
    > The web application is sending user id and password to the database
    server.
    > What is the best practice to make the connection string secure?
    >
    > Thanks,
    > Ali
    >
    >

    Jerry III Guest
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139