Persist Security Info Default Value Changed in Windows Vista
In Windows Vista the default value for the
Persist Security Info parameter of an ADO connection string has changed from
You should be aware of this because it can prevent your legacy code from working properly under Windows Vista. If its value is set to
Password parameters will be removed from the
ConnectionString property of the
Connection object once the connection has been opened. If you're creating new connections by just copying the
ConnectionString property from an existing and already opened connection to the new one, your code will break under Vista.
The problem can easily be fixed by explicitly setting
Persist Security Info to
True in your original connection string but it should be mentioned that this can be a potential security risk if untrusted code gets access to your
Connection object. Even more so in case you're not using integrated security and the connection string actually contains the user's password for accessing the database. It's a much better practice to have the actual connection string stored separately and use it directly to create new connections.
On a side note,
SqlClient in ADO.NET works much more consistently. The
Persist Security Info parameter always defaults to
False. It also only removes the Password parameter from the
ConnectionString property which makes changing its value to
True completely unnecessary unless you really feel a strong urge to share your user's password.