Hi All -

 

Sorry if this question seems dumb, but here it is:

 

In the data source declaration, database username, password needs to be 
provided, and they are in plain text!

 

For the application, data source works fine, but I feel it is really not safe - 
anybody who can access the server can see the password, plus the fact that the 
file need to be upload to a source control repository - password becomes an 
open secret, if it's still a sceret :(

 

Is there a good/generalized way to handle this (and any similar cases invloving 
password in xml configuration file)

 

Thanks a lot,

William    
                                          
_________________________________________________________________
Hotmail: Powerful Free email with security by Microsoft.
http://clk.atdmt.com/GBL/go/196390710/direct/01/

Reply via email to