Just wandering if its a good idea to put username and password in the application settings?
If not where is the best place to store these?
--Jonesy
Since web.config is a protected file there will be no direct access to it. You will probably be fine storing your connection credentials there.
However - You can go a bit further and encrypt the appSettings in your web.config
Walkthrough: Encrypting Configuration Information Using Protected Configuration