From e27fa6997a81b9d788f23e74669a4251cb19ab39 Mon Sep 17 00:00:00 2001
From: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>
Date: Tue, 22 Oct 2024 17:00:23 -0600
Subject: [PATCH 1/2] env variables not encryped

---
 aspnetcore/security/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aspnetcore/security/index.md b/aspnetcore/security/index.md
index 2b2840462cc4..07cc982abd52 100644
--- a/aspnetcore/security/index.md
+++ b/aspnetcore/security/index.md
@@ -61,7 +61,7 @@ Managed identities are a secure way to authenticate to services without needing
 * [Managed identities for App Service and Azure Functions](/azure/app-service/overview-managed-identity)
 * [Secure authentication flows](/entra/identity-platform/authentication-flows-app-scenarios#web-app-that-signs-in-a-user)
 
-When the app is deployed to a test server, an environment variable can be used to set the connection string to a test database server. For more information, see [Configuration](xref:fundamentals/configuration/index). We recommend environment variables not be used to store a production connection string as it's not the most secure approach.
+When the app is deployed to a test server, an environment variable can be used to set the connection string to a test database server. For more information, see [Configuration](xref:fundamentals/configuration/index). Environment variables are generally stored in plain, unencrypted text. If the machine or process is compromised, environment variables can be accessed by untrusted parties. We recommend environment variables not be used to store a production connection string as it's not the most secure approach. 
 
 For more information, see:
 

From 1d9365d4a067d0c4d91a1daaf9a48bb1826228ee Mon Sep 17 00:00:00 2001
From: Rick Anderson <3605364+Rick-Anderson@users.noreply.github.com>
Date: Tue, 22 Oct 2024 17:02:47 -0600
Subject: [PATCH 2/2] Update aspnetcore/security/index.md

---
 aspnetcore/security/index.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aspnetcore/security/index.md b/aspnetcore/security/index.md
index 07cc982abd52..d8ab5f4c0068 100644
--- a/aspnetcore/security/index.md
+++ b/aspnetcore/security/index.md
@@ -61,7 +61,7 @@ Managed identities are a secure way to authenticate to services without needing
 * [Managed identities for App Service and Azure Functions](/azure/app-service/overview-managed-identity)
 * [Secure authentication flows](/entra/identity-platform/authentication-flows-app-scenarios#web-app-that-signs-in-a-user)
 
-When the app is deployed to a test server, an environment variable can be used to set the connection string to a test database server. For more information, see [Configuration](xref:fundamentals/configuration/index). Environment variables are generally stored in plain, unencrypted text. If the machine or process is compromised, environment variables can be accessed by untrusted parties. We recommend environment variables not be used to store a production connection string as it's not the most secure approach. 
+When the app is deployed to a test server, an environment variable can be used to set the connection string to a test database server. For more information, see [Configuration](xref:fundamentals/configuration/index). Environment variables are generally stored in plain, unencrypted text. If the machine or process is compromised, environment variables can be accessed by untrusted parties. We recommend environment variables not be used to store a production connection string as it's not the most secure approach.
 
 For more information, see: