ASP.NET provides DPAPIProtectedConfigurationProvider to encrypt and decrypt. In a web farm use RSAProtectedConfigurationProvider. Configuration file before: To encrypt use the command : Aspnet_regiis – pef “connectionStrings” “C:\inetpud\...\MySite” If changes are made to connection string from GUI they are automatically encrypted and incorporated in web.config. To Decrypt use the command : Aspnet_regiis – pdf “connectionStrings” “C:\inetpud\...\MySite” Two types of encypters are supported : 1- DPAPIProtectedConfigurationProvider Uses the Windows Data Protection API (DPAPI) to encrypt and decrypt data 2- RSAProtectedConfigurationProvider Default provider, uses the RSA encryption algorithm to encrypt and decrypt data Type is specified in Configuration section, e.g: To allow ASP.NET user account to access key container use the following command: aspnet_regiis.exe –pa "NetFrameworkConfigu...
