Solved

Store security login information in web site ?

Posted on 2014-12-01
4
102 Views
Last Modified: 2015-05-11
Now I will develop CMS web site so

I want to ask there best way to store username & password rather than store in table with database ?

I will use Oracle 10g database
0
Comment
Question by:ebwor
4 Comments
 
LVL 76

Accepted Solution

by:
slightwv (䄆 Netminder) earned 250 total points
Comment Utility
You typically store a hashed value of the password.  Hashs cannot be easily decrypted but can be ran against a rainbow table if someone knows the hashing method used.

This can be tightened up if you use a different SALT for each one.  You can store the salt used in a different table and control access through stored procedures.
0
 
LVL 13

Assisted Solution

by:Alexander Eßer [Alex140181]
Alexander Eßer [Alex140181] earned 250 total points
Comment Utility
OWASP (https://www.owasp.org/index.php/Main_Page) ist a quite good point to start with, apart from all the excellent information that can be gathered here ;-)
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now