This is MyConfig file code i want to encrypt or hide Password value but i don't know how to do that. i already use secure app config but it give me an error or i did somethings wrong?
for default password is Data#Dat
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<sectionGroup name="userSettings" type="System.Configuration.UserSettingsGroup, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" >
<section name="MYdata.Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" allowExeDefinition="MachineToLocalUser" requirePermission="false" />
</sectionGroup>
</configSections>
<connectionStrings>
<add name="MYdata.Properties.Settings.Database1ConnectionString"
connectionString="Data Source=(LocalDB)\MSSQLLocalDB;AttachDbFilename=|DataDirectory|\Database1.mdf;Integrated Security=True"
providerName="System.Data.SqlClient" />
</connectionStrings>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.8" />
</startup>
<runtime>
<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
<dependentAssembly>
<assemblyIdentity name="DocumentFormat.OpenXml" publicKeyToken="8fb06cb64d019a17" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-2.13.1.0" newVersion="2.13.1.0" />
</dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="ExcelNumberFormat" publicKeyToken="23c6f5d73be07eca" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.1.0.0" newVersion="1.1.0.0" />
</dependentAssembly>
</assemblyBinding>
</runtime>
<userSettings>
<MYdata.Properties.Settings>
<setting name="FullName" serializeAs="String">
<value />
</setting>
<setting name="Email" serializeAs="String">
<value />
</setting>
<setting name="Description" serializeAs="String">
<value />
</setting>
<setting name="Password" serializeAs="String">
<value>Data#Data//</value>
</setting>
</MYdata.Properties.Settings>
</userSettings>
</configuration>
I just found out it only shows the default password, not the password that the user set. so that fixed my problem.
Also thanks to @cly for telling me the information:
Config should be readed by you application somehow so the application needs all the information required to do it. You can provide the information during startup (e.g. request a password from the operator who started the application) so the application and the config file itself cannot be used unless somebody gives the "config-opener" password. But this means every startup is an interactive process which might be okay but mostly not.
Otherwise You can hide a decryption password somewhere where the application can access it (on executing computer or inside the application itself) which can provide some "secrecy", but anybody who has access to the application can dissassemble it and find out your method and use this decryption method on its own. It depends on your user's skills.