Securing sensitive parts of App.config/web.config
As a developer, you will undoubtedly work with sensitive information such as passwords. How you handle this information during development is very important. In the past, I have received copies of a client's live database to use for testing. This does pose a very real security risk for your client.
Often, we keep settings in a web.config file (when working with web applications). For this example, though, I will be demonstrating a console application that uses an App.config file. The same logic can be applied to a web.config file too.
Getting ready
Creating a console application is the quickest way to demonstrate this recipe. If, however, you want to follow along using a web application (and securing a web.config file), you can do so.
How to do it…
In the console application, locate the
App.configfile. This is the file that contains the sensitive data:
If you open the
App.configfile, you will see that within theappSettingstag there is a key...
