.NET & MySQL – Part 6
MySQL Connection Strings
Read more about connection strings at Connectionstrings
One way is to use the Application Configuration File.
- Right click on the Solution Project Name and select Properties.
- Select Settings.
Name: Give it a name
Type: Choose (Connection String)
Value: You can manually type the values or click on the eclipses to open the dialog box to fill in it. E.g.: server=localhost;user id=jdoe;database=test;encrypt=true;
I recommend that you do not store the password, through a log-in screen you can prompt the user for the password and construct the connection string together with the values of the app.config to connect to the database.
What is also important is that the file must be stored at a secure folder, which is only accessable by the PC Admin.
Typically this would be: C:\Document and Settings\Your User Name\Local Settings\Appication Data\Your Application Name\
Some more options:
- Write it to the Windows’ registry
- Write it to a custom file (e.g. XML File)
There are various ways you can encrypt the XML File (App.Config file is also in XML Format). For more information read the MSDN Documentation.
Passwords are Encrypted and never Decrypted, hence hashing. Once a password is Encrypted and stored in the database, you will never decrypt the retrieved password from the database. If you want to check if the password that the user entered matches, you encrypt the password that the user entered and compare it with the encrypted password stored in the database.
This post has briefly discussed various options regarding security, specifically looking at connection strings.
Besides the connection strings it is important to secure the MySQL Server as well as the Operating System.
I truly believe that no system is "Bullet Proof!" You can only make it more difficult…
.NET & MySQL Part 1 A list of software required as well as optional software that can be used.
.NET & MySQL Part 2 Install MySQL Server
.NET & MySQL Part 3 Install PHP on Windows XP IIS Server
.NET & MySQL Part 4 Setup MySQL Connection String for a Windows application using VB.NET.
.NET & MySQL Part 5 MySQL and OpenSSL.
No comments yet.
- .NET & MySQL
- Off The Beat
- P.C. Troubleshooting
- Software Development
- UNISA – University of South Africa
- Web Sites