In actual database system development, we usually put the database connection string in the ASP.NET configuration file Web.config. The connection string generally looks like this:
<appSettings>
<add key="ConnStr" value="server=192.168.2.36;database=Mdata;uid=sa;password=111000"/>
</appSettings>
In the program, we read it with System.Configuration.ConfigurationSettings.AppSettings["ConnStr"], which makes access from code very convenient. However, this approach can also create a database security risk. Anyone who can read this configuration file and has a little computer knowledge immediately learns the database login information and can log on to the database to perform all kinds of operations. Although the server has many security settings, network security today is not very reliable, and more effort is needed on the security side. Suppose we could instead write the configuration file with a value like the following:
<appSettings>
<add key="ConnStr" value="comment"/>
</appSettings>
Even if the website source code has been downloaded by hackers or the configuration file on the web server has been leaked, who can translate this code?
These irregular characters in the middle are not obtained by simple byte conversion. We can use the powerful security functions provided by .NET to encrypt the database connection information with DES.
We will not talk about the theory of DES encryption here; you can refer to other materials for that. Here we will only talk about its implementation and application. If readers understand it and trust its encryption strength, I will describe the specific implementation method below:
First, for the convenience of development and future deployment, we had better write a small tool that encrypts the connection string and writes it into the configuration file. The connection string changes each time the database is deployed on a different machine, and generating the encrypted string and editing the configuration file by hand every time is repetitive work that soon becomes hard to keep up with. So we look for a once-and-for-all method (a bit of an exaggeration; nothing is really once and for all) and write a small tool ourselves. I will also try to find a place to upload the tool and the implementation method to the Internet. If you are interested, you can check them out.
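The core of such a tool, as an added C# example (not the author's tool): it encrypts the connection string with the .NET DES class the article names, and the application decrypts the stored value when it starts. The class and method names, the Base64(IV + ciphertext) layout and the sample connection string are assumptions made for this example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class ConnStrProtector   // hypothetical helper, not part of .NET
{
    // Encrypts with a fresh random IV; returns Base64(IV || ciphertext).
    public static string Encrypt(SymmetricAlgorithm alg, byte[] key, string plain)
    {
        alg.Key = key;
        alg.GenerateIV();
        byte[] iv = alg.IV;
        using (ICryptoTransform enc = alg.CreateEncryptor())
        {
            byte[] data = Encoding.UTF8.GetBytes(plain);
            byte[] ct = enc.TransformFinalBlock(data, 0, data.Length);
            byte[] blob = new byte[iv.Length + ct.Length];
            Buffer.BlockCopy(iv, 0, blob, 0, iv.Length);
            Buffer.BlockCopy(ct, 0, blob, iv.Length, ct.Length);
            return Convert.ToBase64String(blob);
        }
    }

    // Splits the IV off the front of the blob and decrypts the remainder.
    public static string Decrypt(SymmetricAlgorithm alg, byte[] key, string stored)
    {
        byte[] blob = Convert.FromBase64String(stored);
        byte[] iv = new byte[alg.BlockSize / 8];
        Buffer.BlockCopy(blob, 0, iv, 0, iv.Length);
        alg.Key = key;
        alg.IV = iv;
        using (ICryptoTransform dec = alg.CreateDecryptor())
        {
            byte[] pt = dec.TransformFinalBlock(blob, iv.Length, blob.Length - iv.Length);
            return Encoding.UTF8.GetString(pt);
        }
    }

    static void Main()
    {
        // Constructed sample values; the key is generated here only for the demo.
        string conn = "server=192.0.2.10;database=Mdata;uid=app_user;password=example-only";
        using (DES des = DES.Create())
        {
            des.GenerateKey();
            byte[] key = des.Key;
            string value = Encrypt(des, key, conn);
            Console.WriteLine("<add key=\"ConnStr\" value=\"" + value + "\"/>");
            Console.WriteLine(Decrypt(des, key, value) == conn);
        }
    }
}
```

Any SymmetricAlgorithm can be passed in, so Aes.Create() drops in where the 56-bit DES key is too weak. The key has to be kept somewhere other than Web.config, otherwise whoever reads the file can decrypt the value as well.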