I want to encrypt app.config but DPAPI configuration can be decrypted by any other developer so what is a better way to encrypt app.config other than DPAPI.
Asked
Active
Viewed 120 times
0
-
Please show what you've tried. – grim Sep 23 '14 at 21:28
1 Answers
0
What is your threat model? Until we know what type of attacks you want to prevent, it's hard to recommend specific solutions. Each solution is good against some attacks, but never all.
You imply that you're trying to protect against an insider attack, eg by another developer. That's quite tricky, and depends partly on what access that developer has. We need this type of information to provide a suitable solution.
HTTP 410
- 17,300
- 12
- 76
- 127