Web applications use connection strings to find out what database to interact with which credentials and other configuration. For example, you can instruct your web application to use X database at the server with 192.168.1.100 IP address by using Z username and Y password.
For most applications, the connection strings are stored in web.config files. It means your IP address, database name, username, and password are stored as a clear text in a file. It may not be a problem for your Development server but it is definitely a security concern for your Production servers. This is where we need to encrypt these connection strings.