Answer the question
In order to leave comments, you need to log in
A
A
Alexey2018-11-19 11:14:48
Alexey, 2018-11-19 11:14:48
How to store confidential user data?
Hello!
Share your experience/ideas on how to store API keys, secrets, tokens, etc. users (for access to third-party services). Clearly in the database, of course, is not an option
* encrypt with a password (which is set when registering on the site / application)
* use third-party services (what?)
Maybe someone has already come across
1 answer(s)
@amexlar
X
xmoonlight, 2018-11-19 @amexlar
1. No password encryption! Because no encrypted password on the server => Only the password hash!
2. No third-party services, including CRM and the like => Data is confidential!
3. Encrypt data using the server key and using the built-in encryption tools of the selected database.
4. Server key for decryption, processing of conf. data and storage of conf. data - store on 3 different servers with API interaction (better, with behavioral filter control on intermediate nodes when making requests).
5. When transferring between different hosting - use your encryption protocol (in addition to SSH, TLS/SSL).
Similar questions
A
A
T
H
L
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question