Re: Storing username and password
- From: "m.posseth" <michelp@xxxxxxxxxxxxxxx>
- Date: Tue, 26 Jul 2005 20:01:50 +0200
Hello Steve ,,,
I would not recommend the aproach of saving the file in the application
directory,
i believe it would be better to save the file in a user context directory
i.o.w. X:\Documents and Settings\username\yousubdir\uspa.encryptedfile
in this way only the user , who knows his own username and password :-) ,,,
and the systems administrator can access the file
i would use a secure encryption method ( like rijndael / DES )
Regards
Michel Posseth
"Steve Lloyd" <steveRemoveThisNow@xxxxxxxxxxxxxxxxxxxxx> wrote in message
news:uzGhWPgkFHA.3936@xxxxxxxxxxxxxxxxxxxxxxx
> Hi, I am looking for a bit of advice.
>
> I have an application that can be installed on users home PC's that
> authenticates to a windows domain server over a VPN. Once authenticated
> against the Active directory I need to reuse the inputted information over
> and over and again for various database tasks (using windows
> authtication).
>
> What is the best and most secure way to store the username and password
> for re-use? I have considered hashing it and storing in a file in the
> application directory, is this secure and advisable? Any suggestion woul
> be much appreciated.
>
> Thanks
>
> Steve.
>
.
- References:
- Storing username and password
- From: Steve Lloyd
- Storing username and password
- Prev by Date: Re: Maximum number of parameters for a procedure
- Next by Date: Re: Maybe I really am a n00b
- Previous by thread: Storing username and password
- Next by thread: RE: Storing username and password
- Index(es):
Relevant Pages
|
