Persist Security Info means that the security information that was used to
create the connection to the database is retained so that further
connections can get that security information without the it having to
provided again. This is a bad thing:
http://msdn.microsoft.com/library/d...cpguide/html/cpconsecureadonetconnections.asp
HTH,
Kyril
Keep Persist Security Info as False
Setting Persist Security Info to true or yes will allow security-sensitive
information, including the userid and password, to be obtained from the
connection after the connection has been opened. If you are supplying a
userid and password when making a connection, you are most protected if that
information is used to open the connection, and then discarded. As a result,
your option that helps to provide greater security is to set Persist
Security Info to false or no.
This is especially important if you are supplying an open connection to an
untrusted source or persisting connection information to disk. Keeping
Persist Security Info as false helps ensure that the untrusted source does
not have access to the security-sensitive information for your connection
and also helps ensure that no security-sensitive information is persisted to
disk with your connection string information.
Persist Security Info is false by default.
