Create Server Login(Do not type a password in web config)


As a high-level security measure in SQL Server,

if you do not want application developers to know the application’s user password, this article will be helpful.

With this method, the application will only be able to connect to the database from specific application servers.

We need to identify the application servers that need to be connected to the database as login to SQL Server as follows.


You should write your server name in the section titled TESTSERVER above.

I’m referring to an important point.

You should type the server name in uppercase letters.


When you create Login this way, application developers need to write “Integrated Security = SSPI” or “Trusted_Connection = True” instead of userid and password in the connection string.