Jump to content

Best practice regarding securement of the Web.conf file


Recommended Posts



I'm wondering what the best practice is that other passwordstate users use to secure their web.conf file. As the web.ini file contains sensitive information such as database connection strings and such its kind of a hazard to leave them like that.


I'm just curious how other users secure it, I was thinking of maybe using Azure Key vault for this.

Also while I'm at it. Could via the use of API's and file attachments (files with the database connection strings and such) Passwordstate be used to secure these credentials for other applications, I.E. Application to Application Password Management.

Link to comment
Share on other sites

Hi Kevin


Passwordstate has a chapter in their installation instructions, about how to encrypt the sensitive data in the web.config.

You find these information in this file on page 19 and 20.


I would say, you can also use the function to add documents to a folder or passwordlist to securely store files from other applications (also by using the API).


Best regards,



Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...