Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AmyZ
Viewer
‎10-18-2017 05:29 AM
‎10-18-2017 05:29 AM

best practice to protect Database connection password

Storing DB connection password in plain text in config file is very common way, but we know it's not secure. what's the best practices to protect DB password? thanks.
Reply
0 Kudos
2 Replies
sureshdr
Viewer
‎10-18-2017 09:44 AM
‎10-18-2017 09:44 AM

Hi, The technique will vary based on language and environment that you are deploying. Perhaps you can provide further information on this?
Reply
AmyZ
Viewer
‎10-18-2017 09:56 PM
‎10-18-2017 09:56 PM

yes, indeed. two situation here, one is developing by Java, one is developing by php or some other scripting language. the same function is they all need to connect to database to update data. the encryption principle is separating key and cipher text. for java, there is a way to secure DB password as below: 1. generate a root key and a instance key 2. encrypt DB password by instance key and store it in config file 3. encrypt instance key by root key and store it in config file 4. keep root key in other server and get them when require after authenticated please let me know your advice, thx.
Reply
0 Kudos