How To use ASPNET_SetReg to store encrypted data in the registry and then decrypt the data for use in your app
1) You may find it a bit unsecure storing usernames and passwords inside your web.config. As an alternative to doing this, Microsoft has established a standard way to store that type of info in the registry of your server instead. Yes, you can encrypt portions of the web.config using aspnet_regiis, but it can become quite a hassle if you need to make changes to some of your appSettings keys or change the account password over a number of different applications. ( http://msdn.microsoft.com/en-us/library/dtkwfdky.aspx ) 2) You can use a simple command line tool called aspnet_setreg.exe to create your registry entries. You can find the tool here: http://support.microsoft.com/kb/329290 The tool will use CryptProtectData to encrypt the values you put in the registry. The example in the article uses the following example: Run the following command to add the registry entry: c:\Tools>aspnet_setreg.exe -k:SOFTWARE\MY_SECURE_APP\identity -u:"yourd