I have some confustion regarding encrypting a connection string in app.config. I am using a method similar to that found @ http://msdn.microsoft.com/en-us/library/89211k9b(VS.80).aspx for the encryption, but the thing I'm not clear on is after I encrypt the connection string, the method that pulls the data still works fine-I was under the impression that I would need to decrypt the connection string before using the connection object. Also, I noticed that when I encrypt, the app.config in the project folder remains unchanged, but the appname.exe.config file in the bin\debug directory is encrypted. I see the same thing even after publishing with click once-in the ...\AppData\Local\Apps\2.0\... directory, there are 2 folders for the application. 1 contains the config file unencrypted, the other contains the config file encrypted. I'm unclear on how all of this is being used and whether my application is actually using the encrypted version of the config file. I'd be grateful if someonce could shed some light on this.