Keep Persist Security Info as False

Setting Persist Security Info to true or yes will allow security-sensitive information, including the userid and password, to be obtained from the connection after the connection has been opened. If you are supplying a userid and password when making a connection, you are most protected if that information is used to open the connection, and then discarded. As a result, your option that helps to provide greater security is to set Persist Security Info to false or no.

This is especially important if you are supplying an open connection to an untrusted source or persisting connection information to disk. Keeping Persist Security Info as false helps ensure that the untrusted source does not have access to the security-sensitive information for your connection and also helps ensure that no security-sensitive information is persisted to disk with your connection string information.

Persist Security Info is false by default.