I have created a web part that communicates with a SQL Server database. I would like to encrypt the connection string inside the web.config file, however, I read that there is a performance penalty involved when encrypting/decryption the connection string. Is it possible for for a web part to have its own web.config file?
Also, SQL Server authentication has been set to "Windows Authentication mode" only. When attempting to hit the database via the web part, under what account does it take place? Is it under the application pool setting or the currently logged in user.