明文的密码写在Web.Config里面总是不太好吧！

加密一下，至少显得专业点，下面是我的方法：

aspnet_regiis -pef  "connectionStrings"  "f:\DOTNETAPP2.0\SCHOOLP

ROFILE" -prov "DataProtectionConfigurationProvider" 

注意：后面一定要"DataProtectionConfigurationProvider" ，不加这个参数，就是用默认方式加密。

处理起来很罗嗦！connectionStrings可以替换成你需要的加密配置节，另外

有的SECTION是不能加密的，要注意！

用"DataProtectionConfigurationProvider" 参数，加密后，可以不用解密处理，系统依旧能使用原来

的连接串正常连接数据库！

加密前：

<connectionStrings>

  <add name="MyConn" connectionString="server=localhost;uid=sa;pwd=123456;Initial Catalog=SchoolProfile"

   providerName="System.Data.SqlClient" />

 </connectionStrings>

加密后：

<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">

  <EncryptedData>

   <CipherData>

    <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA5T1gcwVg/0qvVeziLTglSQQAAAACAAAAAAADZgAAqAAAABAAAADt4LPmdEtJP3O3F2k2tEUWAAAAAASAAACgAAAAEAAAACVZduywWhhWOVjg0aRY/RYAAgAANmIZ0DQGMCZL42BtSs7rmUZVc1DE0kOm8Yb+LkngV4qkd7DY5JOBz6mCMi8sMBOllQ9n8iNgfhk+0IYAvXRnGXO4RL13pcmNwzJHRqNSZMUX9a5qtVz+JSQFqJLM+9sM8lDyjA77H9p+Yi5pzQtdkDk5w5M2hTSOK/ku3SUCXE9UZgYQxYvvmhO3WXkLx69nMFRNxskVqznK3s0EzQDtqA4oJE8RL1lzKlqRqbUIEnMcwB4N7/mFqcNmm7zJPKDgawZszlaLITAgIivyyWHPtcz1flT1hZsgmFWqpucNSSz6lJCA2TM10Z2sQ44augCiZi0XJyTaRrhGw51v8bR9oZtqxDiLxn89c1VqSUnPeO51ukQPEO0nCR+wN414AiQMrg3mv8YZB05kawx9kt6K79j45sAxaumCkhuMl9uU21NPJCPfzKukhab/rhqeBHQGiIvKfVCC3H8TB2XOR5a4lA1jLo7ceOtehjgVZqn5XKocLyzYbBkKzMZNnEcgcrsgdOmUgs3IajmtzZ1x2zcOqMdcoZJYNxCXGzCNMviIeV+C7/O6iqnYL3p0G4dKHhkcXoJm5pssNItS1OgsPCdtwBRfF6Fza7RimRW6iK/KIU/eih+OPc/2n0u2GsIgq5KjQuow3aTmy99dAC3kxTvxtbRFE8xbNPdBqYW6++vCm5sUAAAAY70pIKQBMd07W9P4heo6xJDfpIM=</CipherValue>

   </CipherData>

  </EncryptedData>

 </connectionStrings>

加密邮件的配置节：

aspnet_regiis   -pef   system.net/mailSettings/smtp   e:\schoolprofile -prov "DataProtectionConfigurationProvider"

加密前：

<system.net>

  <mailSettings>

   <smtp from="hnwanghb@126.com">

    <network host="smtp.126.com" password="xxxxxx" userName="hnwanghb"/>

   </smtp>

  </mailSettings>

 </system.net>

 加密后：

<system.net>

  <mailSettings>

   <smtp configProtectionProvider="DataProtectionConfigurationProvider">

        <EncryptedData>

         <CipherData>

          <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAdwEJkDOW80q0Kls52kqs2QQAAAACAAAAAAADZgAAqAAAABAAAADl/9dsRL/9kbiQglGhsiJlAAAAAASAAACgAAAAEAAAAJytjibFny9ZsbGgOIFltOHwAAAAPSVFWkK7nGNqlTxy4Or6YQdmRMX6nhHeYclfIQdaIkF/HxRgNeKUUlmG6k4zq2PNksS+VXefNYTEk2zE6uHCyi3BnwM2CCEs/OvjiVzLyq1wa6Z3HH+1HztSA+tHrXjJV9aUhMVJbi99F3a5SkgO2yuzXf3uyD05nEiSaEl6dcQOadBRIlN9Fo7xaIhplkY6+VehulicHNXI5xqM0/lKOQQZe/BSVTNriBk7F9Q9nr8iVY/zVvJO+e5WEb7RTm9leLDTqt43/4RDNsuobFIqgA/sSm4Brz/Eh86XhjoCI2eHBPIQWfoc4nmHoUZRaNB4FAAAAJh2GdL8alPIvcq03UNXV7+EFlA8</CipherValue>

         </CipherData>

        </EncryptedData>

      </smtp>

  </mailSettings>

 </system.net>

 如果想把加密的字符串恢复，使用以下命令：

aspnet_regiis -pdf  "connectionStrings"  "f:\DOTNETAPP2.0\SCHOOLPROFILE"

我的困惑是，既然不用密码，这样两个命令就能加密/解密，还是不太安全捏！微软为什么要做这个功能呢？