Connection string security\best practices
Posted on 2011-09-21
writing a win forms vb.net VS 2010 app, i read & write to a mySQL db over the Web. my boss suggests i store my connection string remotely (across the web, on our db server), but this idea kinda perplexes me. he's afraid any hack of my app will expose our data.
anyways, what's the best way to do this?
also, wouldn't it be just as sensible to store the connect string in some sort of ini\settings file locally, and just encrypt it?
advice & methods welcome...