Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
mysticmirage2011-06-30 20:12:52
User identification
mysticmirage, 2011-06-30 20:12:52

Storing unhashed passwords in a database

It was required to store passwords of users in a database.
The password is needed for authentication on a third-party service, so hashing is not suitable.
Tell me how to do it better?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vas3K, 2011-06-30
@mysticmirage

1) Store session_tokens, unless of course the third-party service works through OAuth.
2) If not, encrypt with the key. Keep the key deep inside. So if the database is taken away, they will not decrypt it without the key.

Report
A
Albertum, 2011-06-30
@Albertum

Store encrypted (symmetrically or asymmetrically).
Take care of the encryption key.
Decrypt before use.

Similar questions
L
Leonid Fedotov2014-08-21 19:31:08
How to allow access to directories through .htaccess if there is a certain variable in $_SESSION? 2Reply
C
cat_crash2014-08-29 10:57:52
Yii how to make different authorizations in different modules? 2Reply
I
Irina Kirillova2016-09-13 15:40:18
How to restrict site viewing for everyone except the admin? 2Reply
A
Alexander2022-04-05 15:40:36
How to implement OAuth 2.0 authentication on the server and bind to the client? 0Reply
G
graduate students @graduate2020-11-19 00:37:06
Secure identification, authentication, authorization. What's better? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question