Answer the question
In order to leave comments, you need to log in
P
P
password222022-01-24 22:36:15
password22, 2022-01-24 22:36:15
How to store password and login in a web application?
Good afternoon. I need to access a third party api from my site that requires basic auth to get data.
I've looked all over the internet and have not found a single adequate answer to this question.
Where and how can I safely store the password and login on my site, or in an encrypted database, or in some encrypted configs ...? How is this even implemented in production?
Thanks
2 answer(s)
@password22
V
Vasily Bannikov, 2022-01-25 @password22
On the backend, there is not much difference where to put it.
Option times: in cleartext to environment variables, appsettings, or any other config. For convenience, you can encode in base64, but not necessarily.
Option two: secure, but difficult. Using an external service like Vault or Azure Key Vault .
UPD: completely forgot. Never commit secrets to git. If you commit and forget, you will be tortured to clean up.
It is for this reason that they should be stored in separate files, and not in code. And the files themselves are written in .gitignore
Similar questions
A
D
Daeamon2016-12-04 17:49:18
How to generate a list of the most matching elements by condition?
1Reply
G
B
D
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question