Since version 2.0, the ASP.NET documentation suggests that we should keep our connection strings in web.config. This raises a number of concerns. There is a better way...
DPAPI and Triple DES: A powerful combination to secure connection strings and other application settings
Developing Next Generation Smart Clients using .NET 2.0 working with Existing .NET 1.1 SOA-based XML Web Services