Re: [Tutor] How to obfuscate a database password. (fwd)

2005-04-21 Thread Alan Gauld
> I am not necessarily talking about passwords for users but about the > password that is used for connecting to the database. In a compiled > language you would have to look pretty hard in a dll to find where the > password had been encoded. IT would be insanely bad practice to embed the password

Re: [Tutor] How to obfuscate a database password.

2005-04-20 Thread David Driver
So I could do the folowing: Create a DB logon for each user that has permissions to just about everything. Have them log on each time. This would require an application that they could manage their passwords. I already needed an application for managing permissions within the applic

Re: [Tutor] How to obfuscate a database password.

2005-04-19 Thread Danny Yoo
> I am not necessarily talking about passwords for users but about the > password that is used for connecting to the database. Hi David, Ah, ok, I misunderstood the problem then. Hmmm... I agree with the others who have said that this is difficult. *grin* Eventually, you'll need to decrypt wh

Re: [Tutor] How to obfuscate a database password. (fwd)

2005-04-19 Thread Danny Yoo
-- Forwarded message -- Date: Tue, 19 Apr 2005 19:47:20 -0500 From: David Driver <[EMAIL PROTECTED]> To: Danny Yoo <[EMAIL PROTECTED]> Subject: Re: [Tutor] How to obfuscate a database password. I am not necessarily talking about passwords for users but about the pass

Re: [Tutor] How to obfuscate a database password.

2005-04-19 Thread Max Noel
On Apr 20, 2005, at 01:29, Danny Yoo wrote: Is there a convention for obfuscating database passwords? Hi David, Most people run passwords through some sort of hashing function. That is, databases almost never contain passwords in the clear, but instead store the hashes of those passwords. For

Re: [Tutor] How to obfuscate a database password.

2005-04-19 Thread Danny Yoo
> > Is there a convention for obfuscating database passwords? Hi David, Most people run passwords through some sort of hashing function. That is, databases almost never contain passwords in the clear, but instead store the hashes of those passwords. For example, I am almost positive that Amaz

Re: [Tutor] How to obfuscate a database password.

2005-04-19 Thread Alan Gauld
> Is there a convention for obfuscating database passwords? Depends what you mean. Do you mean encryption at the point of use? That depends on the database. Do you mean in your program? That usually means unobfuscating it before use and its still vulnerable to interception. Do you mean whi

[Tutor] How to obfuscate a database password.

2005-04-19 Thread David Driver
Is there a convention for obfuscating database passwords? I think that in the end there will be a script that boot-straps to zipped modules but I don't think that that is secure enough. I was thinking about asking the database lists but I think that this is more of a general question. -- ***