I had been passing username/password strings directly into the ADO.NET connection string, however this means that if a user has a quote character in his password, it borks the ConnectionString and ...