I need to get a VB6 application developed that will be deployed to over a 1,000 end users. Their application data will not be stored locally but on a central SQL db on a server through internet. Each user can view and update certain information on the db.

The problem is, the SQL db username and password cannot be hard-coded into the application as the password may change anytime.

And if the password is kept on a file either on the client machine or on the server then anyone can view the db username and password and STEAL all the db content!

How to protect the db username and password and also allow the Admin to change those 2 values without having all the users to update their application?