连接字符串安全 C#
Connection String Security C#
我创建了一个 c# 程序,它使用 mysql 来验证用户 login.I 在谷歌上搜索了有关连接字符串的安全性,并且每件事都与 web.config 文件有关。
是否有必要在纯 c# 程序中隐藏连接字符串?如果是,请给我参考。
我加密了我的代码,这足以保护我程序中的连接字符串吗?
private static MySqlConnection myConnection = new MySqlConnection("sample connection string");
解决问题后的微小编辑:
我发现 goof 文章和项目加密 App.config 专为连接字符串设计,您可以检查它 here
可以参考Securing Connection Strings.
you should encrypt the configuration file so that the user name and
password are not exposed in clear text.
因此,将连接字符串放入配置文件并对其进行加密是确保连接字符串安全的一种方法。
Encrypt Configuration Files
You can also store connection strings in configuration files, which
eliminates the need to embed them in your application's code.
Configuration files are standard XML files for which the .NET
Framework has defined a common set of elements. Connection strings in
configuration files are typically stored inside the
element in the app.config for a Windows
application, or the web.config file for an ASP.NET application.
MSDN 参考:
我创建了一个 c# 程序,它使用 mysql 来验证用户 login.I 在谷歌上搜索了有关连接字符串的安全性,并且每件事都与 web.config 文件有关。 是否有必要在纯 c# 程序中隐藏连接字符串?如果是,请给我参考。
我加密了我的代码,这足以保护我程序中的连接字符串吗?
private static MySqlConnection myConnection = new MySqlConnection("sample connection string");
解决问题后的微小编辑:
我发现 goof 文章和项目加密 App.config 专为连接字符串设计,您可以检查它 here
可以参考Securing Connection Strings.
you should encrypt the configuration file so that the user name and password are not exposed in clear text.
因此,将连接字符串放入配置文件并对其进行加密是确保连接字符串安全的一种方法。
Encrypt Configuration Files
You can also store connection strings in configuration files, which eliminates the need to embed them in your application's code. Configuration files are standard XML files for which the .NET Framework has defined a common set of elements. Connection strings in configuration files are typically stored inside the element in the app.config for a Windows application, or the web.config file for an ASP.NET application.
MSDN 参考: