Poll: Your opinion on "golden middle" (performance & security) in hashing DB credentials?
You do not have permission to vote in this poll.
Well hashed/salted Password is enough.
3 60.00%
Well hashed/salted Username and Password is enough.
1 20.00%
Username, Password, User Rights and Registration date need to be hashed/salted.
1 20.00%
Total 5 vote(s) 100%
* You voted for this item. [Show Results]

Need advice for hashing DB credentials
Hi Everyone,

As it is supposed that majority here in forum are well aware of hashing, I'd like to ask for your valuable ideas about hashing DataBase credentials. We're planning to launch an automated system of credit purchase for 3rd party VoIP services.

Some may argue that 'Well, you know, security doesn't only mean protecting DB' and etc. Of course, we're also working on other matters regarding the web-site protection as a whole. But this thread is about one of its components - protecting DB.

Please, help with your unique ideas and experience to make a reliable solution, preferably something that at least can be used for another couple of years, taking into consideration the on going development of hash cracking tools and methods, so that all information which can be sensitive in case of DB dump, should be well protected.

As it's said - 'A danger foreseen is half avoided'. Smile

In addition, we are ready to sacrifice and accept a reasonable performance drop-down for this sake.

Thanking you all in advance.

Messages In This Thread
Need advice for hashing DB credentials - by jake2660859 - 06-14-2012, 01:45 PM