homepage Welcome to WebmasterWorld Guest from 54.197.65.82
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

    
Help with password encryption
simple ways to protect userids and passwords.
harmonyjones

10+ Year Member



 
Msg#: 836 posted 4:55 am on Apr 3, 2002 (gmt 0)

We are running a database driven web site with thousands of registered users.

I would like to know what the industry standard /best practices are with respect to password protection. We have a SQL 2000 DB running on W2K server, and one of the tables in the DB stores the user ids and passwords.

How secure is this data and how can we protect this from hackers ? Can we store the data in encrypted form ? Does SQL Server / W2K have any security features that can help us ?

Any help would be appreciated.

 

DaveAtIFG

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 836 posted 9:23 pm on Apr 4, 2002 (gmt 0)

Caution: I'm far from an expert! A good start may be your W2K help file, look under "encryption, best practices." The EFS (Encrypted File System) may be what you're looking for. Also, this forum [winnetmag.com] is on topic and fairly active. Lastly, my apologies... This is the second time today that I suggested you try a different forum. My intent is that others here at WebmasterWorld will see your questions floated to the top of the active list and be able to offer some help. If not, at least you have some places to dig further.

Lisa

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 836 posted 5:14 am on Apr 5, 2002 (gmt 0)

I would look into MD5 encription. I don't use Microsoft technology on the web. But in unix MD5 functions are in most of the programming languages like PHP and Perl.

EliteWeb

WebmasterWorld Senior Member eliteweb us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 836 posted 5:43 am on Apr 5, 2002 (gmt 0)

There should be a way to select a field as a password field which should encrypt the data. Atleast there is with mySQL, and database stuff works the same for the most part ;0

Lisa

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 836 posted 7:08 am on Apr 5, 2002 (gmt 0)

I would use a standard encription scheme. MySQL does have a built in password() function. But if I had to change to another database that data in that field would be garbage.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved