I recently had this discussion with a colleague.
We need to secure the connection strings that are in our .config
files (for SOX compliance) and found two options:
- Encrypt the connection string configuration sections
- Use Windows authentication with the connection strings
Both approaches are mentioned in this article on MSDN (Protecting Connection Information (ADO.NET)), but it is not clear which of these options is more secure or which approach is the recommended one.
Those with experience with either or both of these, can you please share which one you have used and why?
To clarify my question - which of the two options is more secure and why?
They're two different solutions to the same problem of storing credentials on the disk:
Using Windows authentication means running the client-side process in the context of a user (preferably service) account and allowing it to authenticate using NTLM, Kerberos, according to your environment. Note that using Windows auth means that the two endpoints operate in the same or trusting domains or that they share a "mirror account". When you allow Windows auth, you need not store the username/password on disk because authentication is handled using the process token assigned to the client-side process.
Encrypting the connection string means that you will apply encryption to the username/password before storing it on disk. Because authentication using these credentials requires that they are stored using reversible encryption and the key for this decryption is also stored on the local system, it means that the credentials are potentially available to anyone with access to the computer.
HTH
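As an added example (not part of the question or the answer above, and not taken from the MSDN article), here is a small .NET Framework console program that puts both options side by side: building a connection string that relies on Windows authentication, and protecting the `<connectionStrings>` section of the application's own config file with the DPAPI provider. It assumes an `App.config` with a `<connectionStrings>` entry named `AppDb`; the server name `sqlhost` and that entry name are placeholders. The last step illustrates the answer's caveat: once the section is protected, decryption is transparent to any process on the same machine, so the plaintext comes straight back.

```csharp
// Added example, not from the original post. Assumes a .NET Framework console
// app whose App.config has <connectionStrings><add name="AppDb" .../></connectionStrings>.
using System;
using System.Configuration;
using System.Data.SqlClient;

class ConnectionStringProtectionDemo
{
    // Option 1: Windows authentication. No secret lives in the string at all;
    // SQL Server authenticates the process token (NTLM/Kerberos) of whichever
    // account runs this process, so there is nothing to encrypt on disk.
    static string BuildWindowsAuthConnectionString(string server, string database)
    {
        var builder = new SqlConnectionStringBuilder
        {
            DataSource = server,           // "sqlhost" below is a placeholder
            InitialCatalog = database,
            IntegratedSecurity = true      // emits "Integrated Security=True"
        };
        return builder.ConnectionString;
    }

    // Option 2: keep SQL credentials in the config file but encrypt the whole
    // <connectionStrings> section with the machine DPAPI key (protected configuration).
    static void ProtectConnectionStringsSection(Configuration config)
    {
        var section = (ConnectionStringsSection)config.GetSection("connectionStrings");
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Modified);   // rewrites the .config on disk
        }
    }

    static void Main()
    {
        Console.WriteLine(BuildWindowsAuthConnectionString("sqlhost", "AppDb"));

        var config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ProtectConnectionStringsSection(config);

        // The caveat from the answer: the key for the DPAPI provider is held by the
        // local machine, so any process running here reads the plaintext back unchanged.
        ConfigurationManager.RefreshSection("connectionStrings");
        var cs = ConfigurationManager.ConnectionStrings["AppDb"];
        Console.WriteLine(cs == null ? "(no AppDb entry in App.config)" : cs.ConnectionString);
    }
}
```

For an ASP.NET `web.config` the same protection is usually applied from the command line with `aspnet_regiis -pef connectionStrings <path-to-app-directory>`; the result is the same as the `ProtectSection` call above, and reading the section from code remains transparent. Choosing the Windows authentication string removes the stored secret entirely, which is why it sidesteps the reversible-encryption problem the answer describes, at the cost of requiring the client and server to be in the same or trusting domains.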