Solved

Store security login information in web site ?

Posted on 2014-12-01
4
121 Views
Last Modified: 2015-05-11
Now I will develop CMS web site so

I want to ask there best way to store username & password rather than store in table with database ?

I will use Oracle 10g database
0
Comment
Question by:ebwor
4 Comments
 
LVL 76

Accepted Solution

by:
slightwv (䄆 Netminder) earned 250 total points
ID: 40473954
You typically store a hashed value of the password.  Hashs cannot be easily decrypted but can be ran against a rainbow table if someone knows the hashing method used.

This can be tightened up if you use a different SALT for each one.  You can store the salt used in a different table and control access through stored procedures.
0
 
LVL 13

Assisted Solution

by:Alexander Eßer [Alex140181]
Alexander Eßer [Alex140181] earned 250 total points
ID: 40473970
OWASP (https://www.owasp.org/index.php/Main_Page) ist a quite good point to start with, apart from all the excellent information that can be gathered here ;-)
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question