User login security problem to access SQL databases

Posted on 2003-03-18
Medium Priority
Last Modified: 2010-04-04
I am trying to develop app to use SQL databases, specially
with MySQL.

I am trying to hide user name and password in the Delphi
app, so the user do not have to input user name and password
for login. But what I am afraid is that an expert user
is able to spy (crack) the EXE file to find out the login name
and password, so he is able to login and using other
kind of SQL Management programs and mess up the database.

Any suggestions to avoid this kind of problem?

The reason is that since MySQL does not have views,
I am not able to give row privileges to the user to
only allow updates for the rows inserted only by himself,
making other people's rows untouchable. Because of
this, the user is able to login using other kinds
of SQL management systems to modify other peoples
records in the same table, which will make MySQL's
user login authentication useless for row privilege protection.

Question by:hongsikchoi

Accepted Solution

cjm30305 earned 500 total points
ID: 8160591
Encrypt the username and password using the crypto API, (api header convertion to pascal can be obtained from project jedi www.delphi-jedi.org ) and store those values into an ini file.  Read those values and decrypt them.  You get to choose the encryption style, and a key is auto generated from the API.


Expert Comment

ID: 9316690
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Objective: - This article will help user in how to convert their numeric value become words. How to use 1. You can copy this code in your Unit as function 2. than you can perform your function by type this code The Code   (CODE) The Im…
Introduction I have seen many questions in this Delphi topic area where queries in threads are needed or suggested. I know bumped into a similar need. This article will address some of the concepts when dealing with a multithreaded delphi database…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Is your organization moving toward a cloud and mobile-first environment? In this transition, your IT department will encounter many challenges, such as navigating how to: Deploy new applications and services to a growing team Accommodate employee…
Suggested Courses

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question