What is the best way to secure your ID(in connection string) & retrieve it later?

I'm working in a setup file(web setup) installation, and during the installation I provide the username & the password(for impersonating). but my question is that I want to use this user & pass also in another place in the project. So, I said why I don't save this id in a connection string(in the webconfig) & retrieve later(when the setup finished) when I need it...

but my problem is here, I want to encrypt the user & pass (when I'm saving it in webconfig) & when I want to retrieve it I need to decrypt it So that I can use it in the impersonating later..

So, how can I do that ?? Do you have another idea to do it ??

What I want开发者_JAVA技巧 it is simply, I need to store my Id in a secure place during websetup installation, & retrieve it later without exposing it..

thanks alot

Modify your setup to configure an application pool's identity once. Then you won't have to store the user/password, as you can use the identity of the process.

If you still want to store the value (I highly discourage you to do that), you can encrypt some sections of the web.Config file.

This blog entry show an example : http://odetocode.com/blogs/scott/archive/2006/01/08/encrypting-custom-configuration-sections.aspx