Re: encrypting data in edb, revisited
- Posted by DerekParnell (admin) Oct 08, 2011
- 1395 views
i needed to protect data in edb database, and ended up going with truecrypt.
... i need a secure reliable method to password protect individual records ...
Do you need to encrypt the DATA or just encrypt the PASSWORDS?
Data in an EDB database is already obscured so it is not easily readable by casual exploration.
Passwords should never really be stored anywhere, encrypted or not, on a system. Instead, a hash of the password plus userID is usually stored. This prevents even trusted system people from decrypting a password. And by combining a password with a userID before hashing makes sure that people with the same password still get different hash values. So to see when a person has entered the correct password, you simply make a hash of the entered password + userID and compare the resulting hash against the stored hash.
Another consideration for protecting the integrity of data base records is to implement record and table hashes. A record hash is just a hash of the complete record data appended to the record before saving any update to it. This prevents modifications to a record going undetected. Similarly, a table hash is a hash of all the record hashes so you can detect unauthorized record deletions and/or additions.
