| Re: problem encrypting data (AES_ENCRYPT/AES_DECRYPT) [message #181765 is a reply to message #181763] |
Thu, 30 May 2013 12:52   |
The Natural Philosoph
Messages: 993
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 30/05/13 12:53, ViVi wrote:
> On 30 Mag, 12:53, Doug Miller <doug_at_milmac_dot_...@example.com>
> wrote:
>> Aside from all that, why are you decrypting it in the first place? You may not need to.
>>
>> Specifically, if the objective is to determine whether a password entered by a user matches
>> the [encrypted] password stored in your database, the proper way to do this is not to
>> DEcrypt the stored password and compare it to the entered password, but to ENcrypt the
>> *entered* password and compare the encrypted versions.
> I'm not encrypting passwords ...
> I'm encrypting really sensible data blah blah blah ;-)
> Thankyou anyway for your attention !
yep...I did that when taking credit card details. The data was on a usb
stick. The SEED was on the computer. When unattended, they were separated..
--
Ineptocracy
(in-ep-toc’-ra-cy) – a system of government where the least capable to lead are elected by the least capable of producing, and where the members of society least likely to sustain themselves or succeed, are rewarded with goods and services paid for by the confiscated wealth of a diminishing number of producers.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]