When connecting the ASP.net with a database. You will need to configure its database connection in the web.config file.
However exposing the sensitiive data like the password and user name in the web config file can bring big damage to your system when it being seen by unauthorized user.
In the ASP.net 2.0 this problem can solve by adding an encryption method. This encryption can be applied by normal without any programming background. To do this you will need the aspnet_regiis.exe a built in framework tool provided by Microsoft.
Read more on this...