Mark Ashton
8/26/2005 7:05:00 PM
If they have access to the connection object, putting ''persist security
info=false'' will remove the password from the returned conenction string
once the connection has been opened. This is the default for ADO.NET but
not ADODB.
Don''t hardcode the connectionstring in the application, instead load it from
a config file that has the neccessary NTFS ACLs.
--
This posting is provided "AS IS", with no warranties, and confers no rights.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.
"farsad nasseri" <farsadnasseri@discussions.microsoft.com> wrote in message
news:A13ACBD1-BF14-4323-8843-7DBD9A26BB63@microsoft.com...
> Hi
>
> I''m using ASP.NET and VB.Net to connect to a MySQL database. My connection
> string is written within the VB.Net code on a button event, so it''s not
> easily accessed by people viewing the HTML source... However, I don''t feel
> comfortable with hardcoding my UID and password on the actual code. I
> haven''t
> been able to find any way of hiding this UID and password. Can someone
> please
> help me.