How can I secure passwords stored inside web.config?

by

You can encrypt the web.config with aspnet_regiis. This is to stop people with access to your server from reading sensitive information.

By the way, I would put your config settings inside a class, that can then be injected into your controllers – it will make unit testing easier.

More Related Contents:

  1. How to force HTTPS using a web.config file
  2. Loop through enum result property
  3. Login failed for user ‘IIS APPPOOL\ASP.NET v4.0’
  4. How to return a file (FileContentResult) in ASP.NET WebAPI
  5. ASP.NET MVC 5 group of radio buttons
  6. Questions about using Ninject
  7. Passing data between different controller action methods
  8. Is Task.Run considered bad practice in an ASP .NET MVC Web Application?
  9. CSS, Images, JS not loading in IIS
  10. An ASP.NET setting has been detected that does not apply in Integrated managed pipeline mode
  11. Remote Validation for LIST of MODELs
  12. Restrict access to a specific controller by IP address in ASP.NET MVC Beta
  13. Passing data to Master Page in ASP.NET MVC
  14. Web.Config Debug/Release
  15. How to enable cross origin requests in ASP.NET MVC [duplicate]
  16. Do I need a Global.asax.cs file at all if I’m using an OWIN Startup.cs class and move all configuration there?
  17. Is it secure to store passwords in cookies?
  18. How do I display the DisplayAttribute.Description attribute value?
  19. ASP.Net MVC route to catch all *.aspx requests
  20. Visual Studio – Resx File default ‘internal’ to ‘public’
  21. MvcSiteMap generating a Menu without messing the breadcumbs
  22. How do I route images using ASP.Net MVC routing?
  23. The model item passed into the dictionary is of type ‘mvc.Models.ModelA’ but this dictionary requires a model item of type ‘mvc.Models.ModelB‘
  24. Get UserID of logged-in user in Asp.Net MVC 5
  25. Can I use ASP.NET MVC together with regular ASP.NET Web forms
  26. System.web.mvc missing
  27. How to route EVERYTHING other than Web API to /index.html
  28. MVC4 – Bundling does not work when optimizations are set to true
  29. Error 500.19 with 0x8007000d when running ASP.NET Core app in IIS despite AspNetCoreModule being installed
  30. The ‘Microsoft.ACE.OLEDB.12.0’ provider is not registered on the local machine.

Leave a Comment