How to secure password on npgsql connection string?

[kn...@ipa.fraunhofer.de]

Hi there

I just run into the question how I could secure the password in my connection string on npgsql. I do not want to have my password in clear text in my application, so I was wondering whether it is possible to use the connection string with an encrypted password or even without a password and use PGPASSFILE of postgresql directly. Is this possible? Or do I definetly have to define my password in clear text in the connection string?

Thank a lot for any help!

[Francisco Figueiredo Jr.]

Hi, Sandra!

Unfortunately, Npgsql doesn't have support for pgpassfile.  You need to specify the password directly in code to Npgsql.

In order to get this string, though, you can use a lot of options. You can use the framework support of environment variables, or even the configuration manager class: http://msdn.microsoft.com/en-us/library/system.configuration.configurationmanager%28v=vs.110%29.aspx to get the information from a configuration file.

.Net has support for encrypted configuration files which may help you. Have a look at this document:
http://msdn.microsoft.com/en-us/library/ms254494%28v=vs.110%29.aspx

There is a section called "Encrypting Configuration File Sections Using Protected Configuration"

I hope it helps.

--
You received this message because you are subscribed to the Google Groups "Npgsql Help" group.
To unsubscribe from this group and stop receiving emails from it, send an email to npgsql-help...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/npgsql-help/ba092563-b229-4c39-afca-30672c70ac0c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--

Regards,

Francisco Figueiredo Jr.
Npgsql Lead Developer
http://www.npgsql.org
http://gplus.to/franciscojunior
http://fxjr.blogspot.com
http://twitter.com/franciscojunior

[Samo]

Thanks a lot Francisco for your help!