In my application, there is a connection string to the database.
Is there any way I can prevent people from knowing the actual connection string (especially from admin people who know actually know the code of the program)?
Below are the ways I thought of but they all seem to have flaw:
1) save in the registry (admin ppl know which registry it's saved at and can easily find out)
2) save in the config file and load from the program (ppl can access the config file and will find out the connection string
3) actually encryting with base64 encryption with preset encryption value (if ppl know the encryption value, they can easily decrypt)
Are there any other ways that would work for the specification?
Thanks a lot.
Is there any way I can prevent people from knowing the actual connection string (especially from admin people who know actually know the code of the program)?
Below are the ways I thought of but they all seem to have flaw:
1) save in the registry (admin ppl know which registry it's saved at and can easily find out)
2) save in the config file and load from the program (ppl can access the config file and will find out the connection string
3) actually encryting with base64 encryption with preset encryption value (if ppl know the encryption value, they can easily decrypt)
Are there any other ways that would work for the specification?
Thanks a lot.