Connection String for selling Web Applications?

If I'm wanting to sell my Web Applications to clients that run using SQL Server, is it best to use a UserID and Password in the connection string, or would using Windows Integrated Security (SSPI) do? The reason I'm wondering is because I wouldn't know my customer's UserID and Password when they purchased one of my web apps, I would have to recompile the app with the new connection string (I'm not storing it in the web.config file)..

What is the best way to handle this on a global level, so that it would work on any system?

for example, would having the following connection string be a good idea for a production site?

string strMyConnectionString = " Data Source = (local); Integrated Security = SSPI; Initital Catalog = MyDBSource; ";It would really be better to allow it to be specified in the Web.Config. What happens if the database is not located on the same machine?|||Why are you not storing it in the web.config file ?|||I didn't store it in the web.config file for security reasons. Would the web.config be the best way to go? Should I encrypt the string?|||Yes and Yes