Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: How should passwords be stored in a database?

Re: How should passwords be stored in a database?

From: Michael Vilain <vilain_at_spamcop.net>
Date: Sat, 01 Sep 2001 21:35:16 -0700
Message-ID: <michael-ADE7CB.21351601092001@news.tdl.com> 





In article <9msble$hio_at_dispatch.concentric.net>,
 "Philip Koblence" <cybercast99_at_yahoo.com> wrote:



> I have seen in many instances where website customers passwords are stored

> in databases like Oracle. What is a safer way to store passwords in

> databases? If a hacker breaks in to the databases he has access to all the

> passwords.

> 

> Also people who use php or asp or perl scripts have passwords in their

> scripts for the database connections. If a hacker breaks in and sees these

> scripts he can easily find that login and password.




Passwords stored in databases aren't usually in clear text but rather 
encrypted.



man passwd


man crypt


-- 
Michael Vilain, Certified Advanced Rolfer(r)
http://www.vilain.com


Received on Sat Sep 01 2001 - 23:35:16 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US