We are using the registry to store the connection information to Oracle and a user is worried about the fact that the password is stored unecrypted.
Is there any way that the password cannot be stored or the password stored in an encrypted form?
Thanks in advance for your help.
One solution is to use IntegratedSecurity. I.e. log into Oracle using authentication from the operating system. In this case no password is stored (or needed) in the configuration string. The other solution is to store the encrypted connection string in the application configuration file. This is called Protected Configuration in the .NET Framework Developers guide.
Hope this helps!
Log in to post a comment.