Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
mysticmirage2011-06-30 20:12:52
User identification
mysticmirage, 2011-06-30 20:12:52

Storing unhashed passwords in a database

It was required to store passwords of users in a database.
The password is needed for authentication on a third-party service, so hashing is not suitable.
Tell me how to do it better?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vas3K, 2011-06-30
@mysticmirage

1) Store session_tokens, unless of course the third-party service works through OAuth.
2) If not, encrypt with the key. Keep the key deep inside. So if the database is taken away, they will not decrypt it without the key.

Report
A
Albertum, 2011-06-30
@Albertum

Store encrypted (symmetrically or asymmetrically).
Take care of the encryption key.
Decrypt before use.

Similar questions
V
Vyacheslav2015-10-17 09:28:51
How to set up authentication in an AD domain using Em-Marine (Bolid) cards? 4Reply
I
Ilya Pavlov2015-10-18 18:26:09
Where should you start encrypting your password? 4Reply
A
Anton2011-09-02 05:57:22
Apache LDAP authentication 2Reply
A
auskst2018-03-06 13:11:47
How to log in with a post request to Microsoft Forefront TMG? 0Reply
M
Max Pavlov2011-11-11 19:49:55
How to uniquely identify a user when logging in through social networks? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question