c# - How to encrypt Winform settings -

i using visual studios 2017 , have used winform project.

my issue once project built , application settings stored in same location .exe, user can gain access password inside xml.

i have tried changing embedded causes issues.

desktop directory (not debug directory)

<?xml version="1.0" encoding="utf-8"?> <configuration>   <configsections>     <sectiongroup name="usersettings" type="system.configuration.usersettingsgroup, system, version=4.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089">       <section name="tsrvtcnew.properties.settings" type="system.configuration.clientsettingssection, system, version=4.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089" allowexedefinition="machinetolocaluser" requirepermission="false" />     </sectiongroup>     <sectiongroup name="applicationsettings" type="system.configuration.applicationsettingsgroup, system, version=4.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089" >       <section name="tsrvtcnew.properties.settings" type="system.configuration.clientsettingssection, system, version=4.0.0.0, culture=neutral, publickeytoken=b77a5c561934e089" requirepermission="false" />     </sectiongroup>   </configsections>   <startup>     <supportedruntime version="v4.0" sku=".netframework,version=v4.5.2" />   </startup>   <usersettings>     <tsrvtcnew.properties.settings>       <setting name="message" serializeas="string">         <value />       </setting>       <setting name="datapath" serializeas="string">         <value />       </setting>       <setting name="launcherpath" serializeas="string">         <value />       </setting>       <setting name="agreed" serializeas="string">         <value>false</value>       </setting>     </tsrvtcnew.properties.settings>   </usersettings>   <connectionstrings>     <add name="defaultconnection" connectionstring="data source = |sql/ce|" />   </connectionstrings>   <applicationsettings>     <tsrvtcnew.properties.settings>       <setting name="password" serializeas="string">         <value>tsrvtc2k17_dub</value>       </setting>     </tsrvtcnew.properties.settings>   </applicationsettings> </configuration> 

the goal want achieve protect entire file user can not modify or read it.

since have no clue on how , reading suggested duplicate still have no idea on how can done.

i able encrypt of app.config settings using blueprint:

http://www.heikniemi.net/hardcoded/2013/06/encrypting-connection-strings-in-windows-azure-web-applications/

i used encrypt key needed used access tools within api on website needs user authentication access.