• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Working with an encrypted database

#7
(05-17-2019, 09:07 AM)jhob Wrote: Although further issue is if encryption key is stored on the server as plain text, as it would be with CI encryption library, and the server is then compromised, attacker would have the key required to decrypt the contents of the database.  Are there any solutions that can help to guard against that?

I'm no security expert, but maybe a solution would be to store the key on the client side, sent with each request over https? Or some kind of 2 factor authentication, one key on the server and another one sent from the client side, and you need the 2 keys to decrypt the database? Those are just ideas, I don't know if it would be more secure.
Test your translation files with Translation Tester
Reply


Messages In This Thread
Working with an encrypted database - by jhob - 05-17-2019, 02:37 AM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:07 AM
RE: Working with an encrypted database - by includebeer - 05-17-2019, 03:39 PM
RE: Working with an encrypted database - by jhob - 05-17-2019, 09:08 AM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.