Solved

Store security login information in web site ?

Posted on 2014-12-01
4
123 Views
Last Modified: 2015-05-11
Now I will develop CMS web site so

I want to ask there best way to store username & password rather than store in table with database ?

I will use Oracle 10g database
0
Comment
Question by:ebwor
4 Comments
 
LVL 77

Accepted Solution

by:
slightwv (䄆 Netminder) earned 250 total points
ID: 40473954
You typically store a hashed value of the password.  Hashs cannot be easily decrypted but can be ran against a rainbow table if someone knows the hashing method used.

This can be tightened up if you use a different SALT for each one.  You can store the salt used in a different table and control access through stored procedures.
0
 
LVL 13

Assisted Solution

by:Alexander Eßer [Alex140181]
Alexander Eßer [Alex140181] earned 250 total points
ID: 40473970
OWASP (https://www.owasp.org/index.php/Main_Page) ist a quite good point to start with, apart from all the excellent information that can be gathered here ;-)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Shell script to create broker configuration file using current broker Configuration, solely for purpose of backup on Linux. Script may need to be modified depending on OS-installation. Please deploy and verify the script in a test environment.
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question