Get the encrypted string into some variable and then decrypt that, so that you don't have to modify the web.config