ASP.Net V2.0 has much improved encryption over v1.x including the ability to encrypt any part of the connection string. Of course there is some performance overhead to do this so only sections that have sensitive information should be encrypted.
I really battled with part of this today when trying to encrypt the connection string so I thought I would include some of the syntax required, specifically how to reference a particular web.config file within a specific site. All articles I have found so far reference the default site and not a specific site.
Read More