?
Solved

User login security problem to access SQL databases

Posted on 2003-03-18
3
Medium Priority
?
137 Views
Last Modified: 2010-04-04
I am trying to develop app to use SQL databases, specially
with MySQL.

I am trying to hide user name and password in the Delphi
app, so the user do not have to input user name and password
for login. But what I am afraid is that an expert user
is able to spy (crack) the EXE file to find out the login name
and password, so he is able to login and using other
kind of SQL Management programs and mess up the database.

Any suggestions to avoid this kind of problem?

The reason is that since MySQL does not have views,
I am not able to give row privileges to the user to
only allow updates for the rows inserted only by himself,
making other people's rows untouchable. Because of
this, the user is able to login using other kinds
of SQL management systems to modify other peoples
records in the same table, which will make MySQL's
user login authentication useless for row privilege protection.


Thanks
0
Comment
Question by:hongsikchoi
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 4

Accepted Solution

by:
cjm30305 earned 500 total points
ID: 8160591
Encrypt the username and password using the crypto API, (api header convertion to pascal can be obtained from project jedi www.delphi-jedi.org ) and store those values into an ini file.  Read those values and decrypt them.  You get to choose the encryption style, and a key is auto generated from the API.

Cheers.
0
 

Expert Comment

by:CleanupPing
ID: 9316690
hongsikchoi:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question