If you don’t want your database connection string information hanging around in the configuration file as plain text, you can encrypt it with the aspnet_regiis utility. Here’s how:
Unfortunately the utility is hard coded to modify web.config, so you’ll have to rename your file first.
Run the aspnet_regiis utility and tell it you want to encrypt the connectionStrings configuration section:
Restore your original filename:
If you’re getting a “command not found” error, you’ll have to add the framework binaries to your path. The aspnet_regiis utility is usually located here: