ASP.NET encrypt sections of web.config using a seed or key

I have finished my second big asp.net project. As I work for a financial institution where security is very important and tough audit objections so I have given the task to encrypt the connectionString section to avoid clear text username, passwords.

I tried the following to ENCRYPT

C:\windows\Microsoft.NET\Framework\\v2.0.50727\aspnet_regiis.exe  -pef "connectionStrings" "E:\E2kSoft\ETLP\ETLPSystem"

and following to DECRYPT

C:\windows\Microsoft.NET\Framework\\v2.0.50727\aspnet_regiis.exe  -pdf "connectionStrings" 开发者_运维百科"E:\E2kSoft\ETLP\ETLPSystem"

but using the above method method any tom, dick or harry can decrypt the section if got a hold on the file.

Can i use some kinda key or seed ..i am just assuming..please suggest any tutorial/reference of website which guides how to achieve this and make the application extremly secure.

Thanks

The following MSDN article provides a step-by-step example for decrypting / encrypting Web.config sections with an encryption key:

• Walkthrough: Creating and Exporting an RSA Key Container

Hope that helps.