1

I am working on an ASP.NET Core MVC web application, and in my code, I am sending an e-mail using the Gmail SMTP server. To do so, I need to pass the username and password.

Currently I have the password in my code, but I am not sure what is the best place to store the password in an ASP.NET Core MVC app? For example in the web.config or in the database?

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
John John
  • 1
  • 72
  • 238
  • 501
  • Have a look at this SO question: https://stackoverflow.com/questions/36062670/encrypted-configuration-in-asp-net-core encrypting the configuration is the standard way of doing it. – stringy05 Jun 24 '20 at 04:08

1 Answers1

0

I would store it in the appsettings.json it is save from being browsed.

John Meek
  • 173
  • 1
  • 9
  • so you mean the appsettings.json will not be visible to public users (by public users i mean, users that do not have access to the source code)? – John John Jun 24 '20 at 14:03