Tagged Questions

35
votes
11answers
2k views

Is there any reason not to go directly from client-side Javascript to a database? [duplicate]

Possible Duplicate: Writing Web “server less” applications So, let's say I'm going to build a Stack Exchange clone and I decide to use something like CouchDB as my backend store. If I use ...
6
votes
3answers
405 views

Converting a 1,000,000 rows database

If I have a database that stores the login credentials of 1,000,000 users in PLAINTEXT, how much effort will it take me to md5 hash these passwords?
6
votes
9answers
1k views

How much database access should developers have?

So I've worked in many different workplaces as a developer and my level of access to the database has been varied. I typically don't have production db access. Most of the time I have access to the ...
6
votes
3answers
299 views

Are two database trips reasonable for a login system?

I am designing a login system for a project, and have an issue about it requiring two trips to the database when a user logs in. User types in username and password Database is polled and password ...
4
votes
4answers
129 views

System that splits passwords across two servers

I stumbled upon this news article on BBC, RSA splits passwords in two to foil hackers' attacks tl;dr - a (randomized) password is split in half and is stored across two separate servers, to foil ...
3
votes
2answers
418 views

Making sure database connection information is secured

This is the first time that I am working on a web application. I was going through the question What should every programmer know about web development? and noticed one thing that I knew nothing of: ...
2
votes
2answers
144 views

help for choosing an encryption method for a database column

I'm storing some phone numbers in the database which should kept totally secret (they're supposed to access via web). BTW, because of the position of these people, I need to prevent any chance for ...
2
votes
4answers
480 views

Advice on making sure e-commerce site is secure using PHP and MySQL

Like the title says, I would like some advice from knowledgable web developers on figuring out security issues for my e-commerce site. I am designing the database as well as the code that ...
2
votes
2answers
71 views

Is there a secure way to add a database troubleshooting page to an application?

My team makes a product (business management software) that our customers install on their own servers. The product uses a SQL database for data storage and app configuration. There have been quite a ...
2
votes
1answer
265 views

Books or guides regarding secure key storage and database encryption [closed]

I have an idea for a SaaS product I want to create, however, this product will store extremely sensitive data that needs to be encrypted at rest. The trouble is not so much the encryption, but the ...
1
vote
2answers
221 views

typical way to share database connection for open-source project, without revealing too much

I have an open source project for mydomain.com which requires connections to a database (...as is tradition). What is the standard practice for allowing others to work on the site, without giving them ...
0
votes
4answers
392 views

How do you handle database security from a desktop application?

For about 10 years I've worked on various in-house desktop client applications with SQL Server data stores. Rarely did I start these projects - most are takeover work. One thing that seemed constant ...
0
votes
2answers
169 views

Assigning a local id to a user

I am creating a soap service where users will be able to interact with each other. They will have a contact list where people can be added. One of the security measures(others are in place, too) is to ...
-1
votes
4answers
951 views

Application connecting to database server

I'm working on an application which requires user credentials and so on. So a database is required on the backend. What is the best practice to connect to a database without hardcoding your password ...