I am accessing an SQL Server database using Windo开发者_如何学Pythonws Authentication
- Do I need to encrypt the connection string in the web.config?
- Does the name of the connection string (or database) matter in terms of security? (viz:
ApplicationServices?
I disagree with klausbyskov. I would encrypt your connection string regardless. Sure, the server name is really all that is being exposed. But that at least puts a target out there. Encrypting the connection string would remove that target.
Knowing is half the battle.
As far as the connection string name, I'd just keep it vague, and not name it the name of your production database server or anything like that.
No. It would be useless. When using Windows Authentication your app is connecting as the user that opens the
DBConnectionfrom code, typically network service if it's a web app.No, unless the name is also your domain admin password.
EDIT: In a crazy world where the name of your database server was secret, then maybe it would make sense to encrypt the connection string.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论