Asp.net ConnectionString in secure way

Question

I could not get a satisfactory answer to my question on the google, they are:

• How secure ConnectionString is over the HttpRequest?
• Is using Connection

Answer 1

How secure ConnectionString is over the HttpRequest?

It is a string. It is only as secure as the connection is, so, normally not at all. This is assuming you are sending the connection string details over a HttpRequest. If this is not the case and your connection string is used in the web.config, it is as safe as the file itself and IIS are.

Is using ConnectionString in web.config file more secure than using in any specific aspx page?

No.

And how to secure ConnectionString for highly secure website?

Normally, one uses integrated security (windows authentication) to avoid hard coding of a username and password. Additionally, you can encrypt the configuration section, as described here (RSA) and here (DPAPI).