On Tue, Feb 24, 2009 at 6:49 AM, LaundroMat <laun...@gmail.com> wrote:
> > Hi - > > I'm working on a small django app that allows users to interact with > other websites where they have an account. Ofcourse, using this app > means providing your username and password for the other website. > > What are the most secure ways of handling this information? I suppose > encrypting the passwords is one option, but are there any ways to > prevent people who have access to the app's source code and database > of retrieving user's names and passwords? > > Thanks in advance, > > Mathieu > > > If you're going to need to log into another website that you don't have control over using this password you can do whatever you want to it, but ultimately you need to be able to restore it to it's plaintext format, which means you can't do any hashing or the like. Alex -- "I disapprove of what you say, but I will defend to the death your right to say it." --Voltaire "The people's good is the highest law."--Cicero --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
