Encrypting and Decrypting Webconfig

We can encrypt anything which is written in web.config

    <add key="SecretCode" value="123" />


We need two namespaces for it.

using System.Configuration;
using System.Web.Configuration;

Codesnippet for encryption

public void EncryptConnString()
        //***********************Encrypting ****************

       Configuration config = configurationManager.OpenWebConfiguration(Request.ApplicationPath);
        ConfigurationSection section = config.GetSection("appSettings");
        if (!section.SectionInformation.IsProtected)

Codesnippet for Decryption

public void DecryptConnString()
        //********************************Decrypting *************************
        Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
        ConfigurationSection section = config.GetSection("appSettings");
        if (section.SectionInformation.IsProtected)


The RsaProtectedConfigurationProvider uses the machine account or the user account to encrypt the keys and save them in a file which called “key container”, which usually saved in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA

Encryption of password

Namespace that can be used is :

using System.Security.Cryptography;
using System.Web.UI;

Logic behind this is loop through the password one charactor at a time and convert each charactor to ascii,
then take the ascii value and do some math on it thats done by TripleDESCryptoServiceProvider and then convert the new value back to a charactor.
codesnippet for encryption

public static String Encrypt(String val)
        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        byte[] toEncrypt = Encoding.UTF8.GetBytes(val);
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, tdes.CreateEncryptor(sharedkey,sharedvector), CryptoStreamMode.Write);
        cs.Write(toEncrypt, 0, toEncrypt.Length);
        return Convert.ToBase64String(ms.ToArray());

codesnippet for Decryption

TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        byte[] toDecrypt = Convert.FromBase64String(val);
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, tdes.CreateDecryptor(sharedkey,sharedvector), CryptoStreamMode.Write);
        cs.Write(toDecrypt, 0, toDecrypt.Length);

        return Encoding.UTF8.GetString(ms.ToArray());

 private byte[] sharedkey = GetLegalKey("Welcome to my blog");
        private byte[] sharedvector = GetLegalKey("Thanks for visiting my blog");

        private static byte[] GetLegalKey(string Key)
            return ASCIIEncoding.ASCII.GetBytes(Key.Length < 24 ? Key.PadRight(24) : Key.Substring(0, 24));

But we need to make sure that when you convert the ascii back to a char that it is with in the readable values. The readable ascii values are 33 to 126

Show my IP address


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: