troubleshooting Question

Hiding my password for my connection string asp classic

Avatar of Jim Schwetz
Jim Schwetz asked on
ASP* ConnectionStrings* classic aspSecurity
3 Comments1 Solution326 ViewsLast Modified:
I work for a corporation, to get access to a database, they do not want me to see the password.  they want to hide it in a hidden folder.
If they hid a file in a folder, and give me the path, so my webpage could read it,  that would work.  But I am getting the run around, alot of security jargon, and none of them know asp classic.  
 Is there a preferred way for me to have access to a file that I can not see the password on ?  BY access, I mean using an include statement to pull the password.

Here are some questions they ask or tell me:
  • Can you application utilize properties file with AES encryption on the password? We can also store the credentials to WebUser database


  • Schema owner access is made ONLY through encrypted strings generated by Security Access Management Team
  • o      Passwords must be encrypted or obfuscated to prevent unauthorized access


as Ste5an mentioned, I did leave out some info.  I use a connection string to connect to the database from a web page.  and in that string I hardcode a UserID and password.  so the user using the web page does not have to sign in.  the userID is a process ID.  I also store the passwords on another file on the server, and use include statements to retrieve the passwords.  When I asked them for a password, they wanted to take over my screen, to put in the password, so that I did not see the password.  Once they see my file, they do not want to put it in as text, so that I could see it.  the web page only returns results, no write or update needed.
ASKER CERTIFIED SOLUTION
Manju
IT - Project Manager

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 3 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros