Hi all,
I've made a small app which writes an encrypted connectionString to my database to the registry.
Now I'm planning to deploy this small app this on the server when the main application goes live, create the key and delete the small app again. ( so the encrypt function isn't on the server anymore )
Now the main app will decrypt this registry key and can connect succesfully.
This all works atm, but I'm wondering how safe this actually is ?
I don't really know anything about securing my software, besides this.
If they can get on the server, can they get in the code? and thus getting the decrypt function?
This all might sound newbish, but I'm just interested in knowing ...
Thanks in advance,
-Yakkity
I've made a small app which writes an encrypted connectionString to my database to the registry.
Now I'm planning to deploy this small app this on the server when the main application goes live, create the key and delete the small app again. ( so the encrypt function isn't on the server anymore )
Now the main app will decrypt this registry key and can connect succesfully.
This all works atm, but I'm wondering how safe this actually is ?
I don't really know anything about securing my software, besides this.
If they can get on the server, can they get in the code? and thus getting the decrypt function?
This all might sound newbish, but I'm just interested in knowing ...
Thanks in advance,
-Yakkity
