Browse DevX
Sign up for e-mail newsletters from DevX

Tip of the Day
Language: Active Server Pages (ASP)
Expertise: Beginner
Dec 16, 1999



Building the Right Environment to Support AI, Machine Learning and Deep Learning

Open ODBC Connection Without Hardcoding Password


In my ASP page, I open an ODBC connection with:

Set Conn = Server.CreateObject("ADODB.Connection")
Conn.CommandTimeout = 600
Conn.open "Database_name","Username","password".

How can I avoid hardcoding the password in the ASP source?


You have a few options. First, you could use a File DSN and include the ID and password inside the file DSN. Then place the File DSN in a directory under NTFS that is not accessible to anybody but the authorized people (and the IUSR_machinename account).

Another option is to not make database calls from the ASP page. Instead have it call a COM component that in turn calls the database. Hide your ID and password inside the compiled COM component, or in the system registry in some weird place.

You could also wait for Windows 2000 which will contain IIS 5.0/COM++, where you can supply the connection string as a string property on a COM++ (previously MTS) package accessible only from the machine itself, and only by authorized users.

DevX Pro
Comment and Contribute






(Maximum characters: 1200). You have 1200 characters left.



Thanks for your registration, follow us on our social networks to keep up-to-date