When you connect using ODBC you have to provide credentials to connect to the DB. How do you protect from someone just reading the connection string once decompiled?
You do not distribute Your code with the login credentials.
If it’s server-side code, then you just need to worry about those, who have access to the system. If it’s a client side app, let the user have it’s own account or make it connect against Your own server implementation, so the client wouldn’t have direct access.
You can put Your credentials into a separate file and limit the access or You can put them into the environment properties.
Everything You distribute to the clients can be decompiled and hacked and as such is inherently unsafe.
Ah i was being an idiot, the question was in relation to a client->server application so yeah only the server needs to connect to the DB.
Thanks 