How can I safely store and access connection string details?

Question

I\'m currently working on a ASP.NET MVC web site, and I\'ve come up to a point where I need to integrate a database into the website.

Normally I would simply add the app

Answer 1

Common approaches include encrypting the web.config and storing the connection strings in the registry.

The second link is a part of a much larger article covering how to properly secure an ASP.NET application. It was written for WebForms, but the principles are the same. It's a good read and much of it still applies today, even if it is a bit old.