Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Storing encrypted strings in a password column

Re: Storing encrypted strings in a password column

From: Jurgen Lindt <nospam_at_nospam.com>
Date: Wed, 18 Sep 2002 01:27:53 GMT
Message-ID: <tEQh9.20771$1C2.1431684@bgtnsc04-news.ops.worldnet.att.net> 





Vladimir,



No, it's not imperative, you're right.



Points taken and I understand what you say.  It does make sense.  The thing
is, the security types where I am, are "hell bent" on Triple DES encryption.
If we just store the hash of any passwords, at best, this will be 168-bit
SHA.  In other words, not using their prized and beloved "Triple DES".



I think now you mention it, storing the hash of the passwords makes sense.
We're using the Microsoft Cryptography API, which seems fairly robust.  (did
I say a Microsoft product was robust?)



Many thanks.



JL
Received on Tue Sep 17 2002 - 20:27:53 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US