Yes, that's a good idea. Somebody on the list suggested writing a client-side plug-in of some sort to retrieve the encrypted password from the server and decode it using a private key on the client side. That way, if an intruder gets hold of the encrypted password or gets hold of the private key, the password is still relatively safe.
This is probably a safer way than the method I suggested in my first email. Any other thoughts? Thanks.

Wooi.

> Good evening Tia,
>
> I have thought about your idea a few times, but some pretty good
> arguments against this project always came to my mind. In my opinion the main
> problem is that you have to save the passwords on a server and, like
> you said: if the server is penetrated, the passwords will be lost. So
> you have to look for a method of getting the passwords without
> saving them on the server. Databases aren't "very" secure; not
> secure enough for your project. My thought is coding a script which
> constitutes your passwords that you want to keep safe. So you have a
> private key with which you have to log in to your account --> you
> have to fill in a form and after clicking "submit" the script
> generates your passwords without the constraint to connect to your
> database. OK, by getting into the server and downloading this script
> the attacker can try to crack the algorithm, but without the private
> key he won't find out your stored passwords.
> This is only my theory and my thoughts about this issue. But I think it
> is very sophisticated to solve a problem like this.
>
> Sincerely
>
> Dominik Birk
>
>
> At 21:53 08.04.02 -0400, Wooi Koay wrote:
>> Hi,
>>
>> I would like to write a web app that stores a list of passwords
>> securely. The reason why it has to be a web app is because I want to
>> access the site using a BlackBerry (RIM handheld).
>>
>> My idea is to decrypt the password list using a public key, and when a
>> valid user logs in, the password list is decrypted using the user's
>> private key. If another user accidentally accesses the password list of
>> a different person, he still can't read the password list because he
>> doesn't have the matching private key. The problem that I can see is
>> that the webserver somehow needs to have access to the public/private
>> key pair. If the webserver is compromised, the passwords could
>> potentially be read. Any thoughts on that?
>>
>> TIA, wooi.
>
> --
> http://www.code-foundation.de
> 217.229.69.207 - - [14/Oct/2001:02:29:41 +0200] "GET /MSADC/root.exe?/c+dir
> Microsoft? Where do you want to surf today?
