| Subject | Re: [firebird-support] Guys! I got it! - Re: Avoiding hard-coding db pass in app - without using db users |
|---|---|
| Author | Doug Chamberlin |
| Post date | 2008-11-10T18:40:50Z |
Björn Reimer wrote:
decryption of the local store is only done using a key that is NOT
stored in the local application. The user's pass phrase is a good choice
for this.
> I'm using a different approach in my applications to store the pwThat is a scheme I have also used but it only works well if the
> on local computers: I'm saving the username/password combination
> in a extra file in a private home or in profile of the user. (Win)
>
> And I'm not storing it in readable format, but crypted (of course the
> key is inside the exe!)
decryption of the local store is only done using a key that is NOT
stored in the local application. The user's pass phrase is a good choice
for this.