security - Best way to store password in database -

-

I am working on a project that has authentication (user name / pass)

this Also connects to a database, so I thought I would store the username and password there, but it seems that the table sitting on DB should not have a password as a text field, there is no such good idea. >

Using C # and by 2008 Express Server Ekt Does anyone get the idea (possibly the best way of many examples) to store this type of data?

(I am open to the idea that this information is not stored in DB if a good reason can be provided)

You are right that accumulating a password in a plain-text field is an awesome idea, however, as long as it stays , in most cases you (and I honestly can not think of any counter-example) in a passport in the representation database The proper job is to represent I mean that you want to have a password (which should be different for each user) and use a secure 1-way algorithm to heath the password and that After you want to throw away the original password, when you want to check a password, you compare the value of the value (by using the same hashing algorithm and salt) and the database in the database.

So, when it's a good thing to think about and it's a good question, it's actually at least one duplicate of these questions:

    • To make a bit more clear, the danger of having a password stored and storing it is that if an encroachment is holding your database, then they can still use the password that has the "decrypt" password ( Less Less than those visible in the rainbow table) are known as. To get around this, developers add a password, which is done properly, attacks the rainbow that are unable to do only. Note that a common misconception is to add a uniform unique and long string only for all passwords; While it is not awesome , it is best to add unique salts for each password.


    Comments

    Post a Comment

    Popular posts from this blog

    c++ - Linux and clipboard -

    -
    After selecting the copies of the buffer in Linux, after the text, we can click and paste the button between the mouse. I think there is a special buffer for this, I want to use it. Programming Language: C ++ Your Library: Qt Thanks. There is just one more correct answer than Paul Dixon, which answers your needs: / P > QClipboard * clipboard = QApplication :: clipboard (); CastString Selected Text = Clipboard-> Text (QClipboard :: Selection);
    Read more

    Visual Studio 2005: How to speed up builds when a VSMDI is open? -

    -
    Using Visual Studio 2005, if I open the test in VSMFI and try to run the tests, then sometimes the projects are ready. However, they run very slow. CPU 99% waste and output window VS Shows things associated with compiling it. Is there any way to fix this? It does not make any sense. It is not necessary to upgrade that we are a viable alternative to those people who have to deal with the legacy code. Did you try to upgrade SP1? I do not know of any specific problem in this area, but this will be the first change I tried to do.
    Read more

    booting ubuntu from usb using virtualbox -

    -
    I am trying to install Ubuntu on a USB, the problem is that I do not want to repeat the boot once, I want to keep my windows, but I want to boot Ubuntu using the virtualbox and USB to the Ubuntu Want to use my hard drive, but how? The virtualbox will not recognize USB as a hard drive when installing an ISO In virtualbox, you have to create a virtual hard disk. Make a USB drive and tell the virtual box to install a virtual hard drive that you just created. EDIT: To answer some more questions: In the new Virtual Disk dialog, click the button next to the location field, click on the button Virtual Disk on Flash Drive To access, click the arrow next to Save in the Select File in the window next to Save In, and you can access your flash drive from there. I recommend setting the image to be allocated dynamically, because the size of your flash drive is not available disk space. I name the image, then select that image to install Ubuntu in the Verbill box. The virtualbox will never...
    Read more