How to secure password from developers

    srikrishnathanthri wrote (#1):

    Hello, I am looking for a password protection method in .NET for connecting to SQL Server. I have a requirement to secure passwords from developers. I know most people will suggest I use a config file to store the password, and some people say to use Windows authentication. But my requirement is quite different: I don't want to reveal the password to developers. If I put it in a config file, the password will be known to developers. How can I deny developers access to the config file and give Visual Studio access to that config file? If I use Windows authentication, there is a risk of connecting directly to the database server by installing Management Studio or some other third-party tool. Is there any way to make Windows authentication work only when access is from code?

      OriginalGriff wrote (#2):

      You can't. Because the connection string is just that - a string - the code that developers write needs to be able to access the "raw string" that is sent to SQL as part of the Connection event. Because their code can access it, so can the developers. All you can do is give them username / password combinations which are just sufficient to do their job (i.e. can insert, select, maybe update - but not add, edit, or create tables) and if you are still feeling paranoid log everything that user account does. But even trying to prevent them having access when they clearly are going to need it says "I don't trust them" and that's not good for morale or the culture within the company. You may find it counterproductive in terms of retaining good staff - the ones you can trust...

      Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...

      "I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
      "Common sense is so rare these days, it should be classified as a super power" - Random T-shirt

        Lost User wrote (#3):

        See sql password C# - Google Search.

          Nathan Minier wrote (#4):

          There's a very easy method.

          1. Use Windows domain authentication.
          2. Run your application (or application pool, if IIS) under a service account. Give that service account the appropriate permissions on the database (which would have to be on a domain machine in this scenario). Don't give the password to your devs, set this up yourself (or whatever Security person you have assigned to account actions).
          3. Make sure that dev accounts don't have access to the SQL server if you're worried about them using SSMS.

          "There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli
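
With the service-account approach in the answer above, the deployed connection string carries no credential at all. As an added example (not code from this thread), a C# startup check that rejects connection strings containing a SQL login; `ConnectionPolicy`, the server name and the database name are hypothetical, and the Microsoft.Data.SqlClient package is assumed.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Principal;
using Microsoft.Data.SqlClient; // NuGet package; System.Data.SqlClient has the same builder type

static class ConnectionPolicy // hypothetical helper, not part of any library
{
    // Returns the policy violations found in a connection string; an empty list means acceptable.
    public static List<string> Check(string connectionString)
    {
        // The builder normalises synonyms such as Pwd, UID and Trusted_Connection.
        var b = new SqlConnectionStringBuilder(connectionString);
        var problems = new List<string>();
        if (!b.IntegratedSecurity)
            problems.Add("Integrated Security is off, so a SQL login and password are required");
        if (!string.IsNullOrEmpty(b.UserID) || !string.IsNullOrEmpty(b.Password))
            problems.Add("User ID/Password present: a credential is readable by anyone who can read the config");
        return problems;
    }
}

static class Program
{
    static void Main()
    {
        // Constructed sample strings; server and database names are placeholders.
        var samples = new[]
        {
            "Server=sql01.example.internal;Database=Orders;Trusted_Connection=yes;",
            "Server=sql01.example.internal;Database=Orders;UID=app;Pwd=constructed-sample;"
        };
        foreach (var cs in samples)
        {
            var problems = ConnectionPolicy.Check(cs);
            Console.WriteLine(problems.Count == 0 ? "OK" : "REJECT: " + string.Join("; ", problems));
        }
        // With integrated security, SQL Server sees the Windows account the process runs as
        // (the service account in production, the developer's own account in a debugger).
        // WindowsIdentity is Windows-only.
        Console.WriteLine("Process identity: " + WindowsIdentity.GetCurrent().Name);
    }
}
```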

            Lost User wrote (#5):

            Nathan Minier wrote:

            There's a very easy method.

            ..still would rather see a DB created by a developer :)

            Bastard Programmer from Hell :suss: If you can't read my code, try converting it here (X-Clacks-Overhead: GNU Terry Pratchett)

              Nathan Minier wrote (#6):

              Not going to completely disagree, but this is one of those places where my dev self and my security self get into fistfights.

              "There are three kinds of lies: lies, damned lies and statistics." - Benjamin Disraeli

                Dave Kreskowiak wrote (#7):

                All code that is running is running AS THE USER THAT LAUNCHED IT. If the developers cannot access the content of the config file, neither can Visual Studio nor the application the developers launch in the debugger.

                You seem to have only a single environment, production, where you need at least three. You need a developer environment that the developers have enough access to so they can develop the application and the database. You need a test environment that mirrors production so you can test the application and database changes before you put it in production and also test the deployment of the application and database changes. Finally, and obviously, you need a production environment.

                In your case, all three of these need to have their own separate database servers with their own connection strings. They don't need to be the same. But, it comes down to the point where you absolutely need to trust at least two people with the passwords to the production database. They don't have to be developers but they do have to know what they're doing with connection strings. You cannot avoid this.

                But, on top of all of this, you and your SQL DBAs, system admins and networking people need to understand security, in SQL, in Windows Server, NTFS, ... to correctly set up every environment and all of the servers and shares to make sure nobody has more permissions than they need to do their jobs.

                A guide to posting questions on CodeProject

                Click this: Asking questions is a skill. Seriously, do it.
                Dave Kreskowiak

                  Lost User wrote (#8):

                  ..lock them both up together until they agree? This is only a "problem" if you want to hide your database-structure, either from dev or the user/owner. In that case it becomes a discussion of who owns the data :)

                  Bastard Programmer from Hell :suss: If you can't read my code, try converting it here (X-Clacks-Overhead: GNU Terry Pratchett)
