Manage connection strings and objects

Storing the connection string in a configuration file gives you much more flexibility because you can simply edit the file and change the settings if you change or add a server.

Connection strings (and all other sensitive information) should be encrypted or hashed wherever possible. Storing a database connection string in plain-text (human readable) form can present a huge security vulnerability and should be avoided if possible.

By default, you can access the ConnectionStrings property almost identically to how you access AppSettings.

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
   <connectionStrings>
      <clear />
      <add name="AdventureWorksString" providerName="System.Data.SqlClient" connectionString="Data Source=localhost;Initial Catalog=AdventureWorks;Integrated Security=true" />
      <add name="MarsEnabledSqlServer2005String" providerName="System.Data.SqlClient" connectionString="Server=Aron1;Database=pubs;Trusted_Connection=True;MultipleActiveResultSets=true" />
      <add name="OdbcConnectionString" providerName="System.Data.Odbc" connectionString="Driver={Microsoft Access Driver (*.mdb)};Dbq=C:\adatabase.mdb; Uid=Admin;Pwd=R3m3emberToUseStrongPasswords;" />
      <add name="AccessConnectionString" providerName="System.Data.OleDb" connectionString="Provider=Microsoft.Jet.OLEDB.4.0;Data Source=\PathOrShare\mydb.mdb;User Id=admin;Password=Rememb3rStr0ngP4sswords;" />
      <add name="OracleConnectionString" providerName="System.Data.OracleClient" connectionString="DataSource=MyOracleDB;Integrated Security=yes;" />
   </connectionStrings>
</configuration>