It is possible to encrypt all or part of a config file if it contains sensitive information. The .NET configuration classes handle the job of decrypting when reading and encrypting when writing without you lifting a finger. You just have to perform the initial encryption of the file. MSDN has the details.