<BR>Hello,<BR><BR>I am using "DSN=mydsnname;userid=sa;pwd=" for my connection string. How safe is this? I am creating my first live ASP site, and thought using DSN and putting all SQL code in stored procedures would hopefully cover me in terms of security.<BR><BR>Am I on the right track? Any further advice? <BR><BR>I highly appreciate your help.<BR><BR>Emir<BR><BR>PS It would be nice if Security FAQ could be developed, when you get some free time, if ever :). Thanks.