jdc1944 (United Kingdom) asked:
Encrypting passwords – What’s the point?

It’s Friday, I’ve had a long week and something has just popped into my head that I really should be able to answer, but I can’t!  It’s probably a very stupid question.

You have a finance or HR system in your business, perhaps based on an Oracle or SQL database. A decision is made, like most places I presume, not to encrypt the entire database; however, users' passwords are stored encrypted (in whatever way that may be). What's the point behind this? What I'm questioning is: if an attacker can get access to that database file, can they not get access to all the other data they need and therefore not require all the passwords?

Perhaps what I’m missing is a better understanding of how an attack may happen on a database or how databases work.  The only thing I can think of is that an SQL/Oracle etc. database isn’t a flat file so you can’t just open it in a notepad and view data.  You will have to load/connect to it via an SQL Server where you will have to authenticate.  Then what?  You manage to compromise/guess an account username and password.  This gives you access to the database and therefore the data you want.  You’ve got access so why do you need the remaining passwords?  What’s so valuable about the passwords when the system may hold bank account details that may not be encrypted?

One of the only uses I can think of is you compromise an account in the database so you can view data, but what are you going to do with it? Isn't the point that you then compromise other accounts so that you can log into the database's application and run fraudulent transactions through the system?
Éric Moreau (Canada):
Humans are lazy (I know I am human!). People tend to reuse the same password over and over again. So if your passwords are clear text and a cyber-attacker grabs them, chances are they will be able to connect to other services on the web as those users.
If you are using passwords in the DB then it is a very good idea to encrypt them so that other people cannot log in to the DB and see your password. People can also misuse your password if they can see it as clear text. So it is a very good and necessary thing.

Apart from this people also encrypt Salary and other important information.

Good luck
Also, it is usually a good idea to use a one-way encryption algorithm on passwords. Since lots of users tend to reuse passwords, this adds an extra layer of security for a user. There is really no reason for an application to ever know the actual password, just whether the two encryptions match.
SOLUTION by Pavel Celba (Czechia): members-only content, not shown.
ASKER CERTIFIED SOLUTION: members-only content, not shown.
I think the confusion starts in the understanding of what the purpose of DB encryption is.

DB encryption deals with securing the data from being taken. Direct access to the server is needed.
I.e. boot the system using alternate boot media, locate the database files, copy them out.
Attach them on another server...... If encrypted, this type of person will not have access to the DB data without the master key/certificate.

Several explained why user passwords are encrypted.
One of them is a way to avoid having an inside person accessing and disclosing other user's credentials.
I.e. Person A has rights to manage access to the data, list the user/password. Either use others' credentials to do .... Or sell ..
...
I don't think the question was about database encryption, merely the encryption of the contents of the password (and maybe username) columns.
SOLUTION: members-only content, not shown.
SOLUTION: members-only content, not shown.
Another great reason to encrypt a password in a database with a one-way hash is that it can help protect users' passwords from people who do have access to your database. It kind of protects your company from itself. You don't have to worry about a disgruntled employee, or someone exporting passwords without thinking they are doing anything that could be stolen.
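As an added example that is not part of this thread or any poster's code, here is what the "one-way" storage the replies above describe looks like in practice: the application stores a salted PBKDF2-HMAC-SHA256 digest and, at login, only checks whether a freshly computed digest matches, so neither the database nor the application ever holds the password itself. The iteration count, record format and sample users are assumptions for the example.

```python
# Added example (not from the Experts Exchange thread): storing and checking
# passwords with a one-way, salted hash using only the Python standard library.
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumption: a deliberately slow work factor for PBKDF2


def hash_password(password: str, salt: bytes = b"") -> str:
    """Return a storable record 'pbkdf2_sha256$iterations$salt_hex$hash_hex'.

    A fresh random salt per user means two users with the same password get
    different stored values, so the table does not reveal shared passwords.
    """
    if not salt:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the digest from the candidate password and compare it.

    The application only learns whether the two digests match; it never
    needs, and cannot recover, the original password from the record.
    """
    try:
        algorithm, iterations, salt_hex, hash_hex = record.split("$")
    except ValueError:
        return False  # malformed record: treat as a failed login, do not crash
    if algorithm != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # compare_digest avoids leaking how many leading bytes matched via timing
    return hmac.compare_digest(candidate, bytes.fromhex(hash_hex))


if __name__ == "__main__":
    # Constructed sample: two users who happen to share a password.
    stored = {name: hash_password("Friday!2024") for name in ("alice", "bob")}
    print(stored["alice"] != stored["bob"])                  # True: salts differ
    print(verify_password("Friday!2024", stored["alice"]))   # True
    print(verify_password("friday!2024", stored["alice"]))   # False
```

Someone who dumps the table, including an insider with legitimate read access, gets only salt and digest per row, and has to attack each row separately at the full PBKDF2 cost.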
jdc1944 (asker):

Thanks for everyone's input