Davepoint

Archive for May, 2008

Securing passwords in Web.config

May 15th, 2008

Here’s a handle litle tool I was previously unaware of.

aspnet_setreg encrypts user names and passwords and copies them into the registry. You can download the tool from here: http://support.microsoft.com/default.aspx?scid=KB;en-us;329290.

Run it like this:
C:\Documents and Settings\David.Bending\Desktop>aspnet_setreg.exe -k:Software\MyApp\Identity -u:myUser@myDomain -p:myPassword

Put this in you Web.config:
<identity impersonate=”true” username=”registry:HKLM\Software\MyApp\Identity\ASPNET_SETREG,userName” password=”registry:HKLM\Software\MyApp\Identity\ASPNET_SETREG,password” />>

The edit the registry key so your ASP user account (typically ASPNET) can read it, and you’re done.

No comments »

Posted in .NET

Enter your email address:
Delivered by FeedBurner
Tags
.NET Agile asp.net click-once Code Contracts css data sets dcom debugging entity framework IT jquery mvc oo Oracle pex ReSharper sql express sql server 2008 tdd testing training Unity Validation vs2008 WCF windows server
Categories
Archives
- September 2010 (1)
- August 2010 (2)
- April 2010 (1)
- March 2010 (1)
- February 2010 (5)
- January 2010 (8)
- April 2009 (1)
- January 2009 (1)
- December 2008 (1)
- June 2008 (4)
- May 2008 (1)
- April 2008 (2)
- January 2008 (4)
About
- I'm a technical lead at a well-known internet comparison site. I'm interested in software development with a focus on the Microsoft technology stack.
You are currently browsing the archives for May, 2008.

Archives

Back to Top

Valid XHTML 1.0 Transitional | Valid CSS 3