P
P
password222022-01-24 22:36:15
ASP.NET
password22, 2022-01-24 22:36:15

How to store password and login in a web application?

Good afternoon. I need to access a third party api from my site that requires basic auth to get data.

I've looked all over the internet and have not found a single adequate answer to this question.

Where and how can I safely store the password and login on my site, or in an encrypted database, or in some encrypted configs ...? How is this even implemented in production?

Thanks

Answer the question

In order to leave comments, you need to log in

2 answer(s)
V
Vasily Bannikov, 2022-01-25
@password22

On the backend, there is not much difference where to put it.
Option times: in cleartext to environment variables, appsettings, or any other config. For convenience, you can encode in base64, but not necessarily.
Option two: secure, but difficult. Using an external service like Vault or Azure Key Vault .
UPD: completely forgot. Never commit secrets to git. If you commit and forget, you will be tortured to clean up.
It is for this reason that they should be stored in separate files, and not in code. And the files themselves are written in .gitignore

V
Vladimir Korotenko, 2022-01-24
@firedragon

https://docs.microsoft.com/en-us/aspnet/core/secur...

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question