[DUG] How to make secure MySQL
Pieter De Wit
pieter at insync.za.net
Wed Aug 1 11:22:54 NZST 2018
Hi,
Store the passwords as a salted sha256 or something:
(Sorry, my Delphi is a bit rusty)
passhash=sha256 (“SALT1234”+real_password+”SALT4321”);
Also, use SSL on the MySQL layer :)
Cheers,
Pieter
> On 1/08/2018, at 11:19 AM, <jc at magicweb.nz> <jc at magicweb.nz> wrote:
>
> Hi all
>
> Can anybody give me some pointers and/or examples of how to make my web app – using MySQL – secure. At the moment I’m just transferring the bare passwords across, not a good idea I guess.
> Secondly, once logged in, a session variable determines a logged in status – safe enough?
>
> Thanks for any reply.
> John C
>
>
> _______________________________________________
> NZ Borland Developers Group - Delphi mailing list
> Post: delphi at listserver.123.net.nz <mailto:delphi at listserver.123.net.nz>
> Admin: http://delphi.org.nz/mailman/listinfo/delphi <http://delphi.org.nz/mailman/listinfo/delphi>
> Unsubscribe: send an email to delphi-request at listserver.123.net.nz <mailto:delphi-request at listserver.123.net.nz> with Subject: unsubscribe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://listserver.123.net.nz/pipermail/delphi/attachments/20180801/2deeb254/attachment-0003.html
More information about the Delphi
mailing list