On 28/02/2017 15:46, Bob Sneidar via use-livecode wrote:
> Thanks for that Peter! I've been thinking about a way to encrypt data
> for storage in database systems for things like passwords and server
> credentials. Now to figure out how to decrypt it...

Hi Bob,

Never store user passwords in clear text, or in any encoding that can be reversed. Both message digest algorithms and HMACs are intended to be *one-way* functions -- this is one of their important properties.

If you are handling passwords, then this is a pretty decent page with good guidelines on how to do it safely and securely:

https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet

Note that the HMAC definition I posted earlier is a simplified version; it would probably be a good idea to have a library that provides the full spec described in https://tools.ietf.org/html/rfc2104

Also, I'm wondering whether to add an Argon2 or PBKDF2 implementation to the engine to help with this.

                                          Peter

--
Dr Peter Brett <peter.br...@livecode.com>
LiveCode Technical Project Manager

lcb-mode for Emacs: https://github.com/peter-b/lcb-mode
