You could use Turck to convert the file to byte code. Not exactly
state of the art security as Turck does not have any encryption
itself, but definately a better option than plain text.
- Sid
On Fri, 2 Jul 2004 22:32:24 -0400 (EDT), Michal Migurski
<[EMAIL PROTECTED]> wrote:
> > I realize the ke
> I realize the key needs to be stored somewhere which is part of the
> problem of how to make it a bit more secure. I just don't feel safe if
> a password in a flat file in clear text. Ideally the database should
> support something like an ssh style public/private Key auth where the
> private K
Well that's a whole different thing, then.
-Original Message-
From: Anzak Wolf [mailto:[EMAIL PROTECTED]
Sent: Friday, July 02, 2004 1:40 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Password encyption
I do run my own server but I know for a fact that even
>So host your own server. That way nobody but you has access to it.
>Then you could store the password wherever you want, unecrypted, and it
>wouldn't matter. If you're running an application that's that security
>conscious, you shouldn't be using a shared server anyway.
I do run my own server bu
server anyway.
>
> -Original Message-
> From: Anzak Wolf [mailto:[EMAIL PROTECTED]
> Sent: Friday, July 02, 2004 1:24 PM
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: [PHP] Password encyption
>
>
> Yes I have looked though since
Original Message-
From: Anzak Wolf [mailto:[EMAIL PROTECTED]
Sent: Friday, July 02, 2004 1:24 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP] Password encyption
Yes I have looked though since I'm not 100% sure what I'm looking for
it is
hard
>[snip]
>I realize the key needs to be stored somewhere which is part of the
>problem of how to make it a bit more secure. I just don't feel safe if
>a password in a flat file in clear text. Ideally the database should
>support something
>like an ssh style public/private Key auth where the privat
[snip]
I realize the key needs to be stored somewhere which is part of the
problem of how to make it a bit more secure. I just don't feel safe if
a password in a flat file in clear text. Ideally the database should
support something
like an ssh style public/private Key auth where the private Key
I realize the key needs to be stored somewhere which is part of the problem
of how to make it a bit more secure. I just don't feel safe if a password
in a flat file in clear text. Ideally the database should support something
like an ssh style public/private Key auth where the private Key is s
Anzak Wolf wrote:
Call me paranoid but I think I would rather play the little
bit in overhead to decypt the password to give myself a slightly safer
feel about my database password.
Paranoid.
And where do you plan on keeping the key to decrypt the password? In
another file? How are you going to
[snip]
But has anyone done something like encypting that password rather than
leaving it in plan text.
[/snip]
Yes.
Happy Independence Day!
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
11 matches
Mail list logo
