Re: searching for encrypted fields in data columns

From: David Portas <REMOVE_BEFORE_REPLYING_dportas_at_acm.org>
Date: Wed, 7 Apr 2004 02:41:23 +0100
Message-ID: <RfSdnZ8R0vupwe7dRVn-ig@giganews.com>

> advantage is that no-one knows the key in our binary, only encrypted

Except someone who (legitimately or illegitimately) has the binary and can therefore hack *any* users password... Or someone who hacks the users machine... Or hostile code on the users machine... etc, etc.

Use a secure hash for this type of authentication security.

-- 
David Portas
SQL Server MVP
--

Received on Tue Apr 06 2004 - 20:41:23 CDT

This message: [ Message body ]
Next message: Frank: "OEM 2.0 alert setup"
Previous message: Bricklen: "Re: Install question about Oracle8i and Debian GNU_Linux"
In reply to: nbnet: "Re: searching for encrypted fields in data columns"
Next in thread: S. Davis: "Re: searching for encrypted fields in data columns"
Reply: S. Davis: "Re: searching for encrypted fields in data columns"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US