How to encrypt and decrypt connection strings

Web applications use connection strings to find out what database to interact with which credentials and other configuration. For example, you can instruct your web application to use X database at the server with IP address by using Z username and Y password.

For most applications, the connection strings are stored in web.config files. It means your IP address, database name, username, and password are stored as a clear text in a file. It may not be a problem for your Development server but it is definitely a security concern for your Production servers. This is where we need to encrypt these connection strings.