well, i hope i'm not posting is a wrong forum. i'm coding is asp.net new to asp.net but have knowledge in asp.i'm trying something new to me. i wonder if it is safe to put sensitive information like connectionstring or password in session, or application variable(that's what they do on samples,but i'm kinda doubt it).
anyway is there any good asp.net input sanitation tutorial or security ? thanks