Encrypt password in App.config

Question

I want to encrypt the password in connection string. When I make a connection to DB the connection string is openly stored in App.config and I need to find a way to keep onl

Answer 1

As an addition to the other answers, isn't it better to use the file in Source Control as a template, with just dev/test encrypted connection strings so that it works in dev/test.

For production (or other environments the app is deployed to), the encrypted credentials file is generated separately to the specified template format, managed/updated/deployed separately, has appropriate security permissions applied, never seen by anyone other than DBA/DevOps.