Tracing capability can be enabled either through environment variables or the provider-specific OpenAccessTrace class. The data provider traces the input arguments to all of its public method calls, as well as the outputs and returns from those methods (anything that a user could potentially call). Each call contains trace entries for entering and exiting the method.
During debugging, sensitive data can be read, even if it is stored as a private or internal variable and access is limited to the same assembly. To maintain security, trace logs show passwords as five asterisks (*****).
Note, however, that if the Persist Security Info connection string option is set to true, the password will be displayed in clear text. See Using Connection Pooling for more information about connection strings.