How to not hardcode passwords?

4

9

In my last question, "Portable database for storing secrets", the best answer so far says to use sqlite-crypt.

Reading the sqlite-crypt docs, the new parameter for opening the database is the pass-phrase. Of course, I don't want to hardcode the password, so I was wondering: what is the best, simplest and fastest method to store that password?

Lumpish answered 17/2, 2009 at 1:13 Comment(0)
11

Some options.

  1. Ask the user for a passkey (aka they memorize one password to get to all their passwords) (good idea)

  2. Create a key on the first startup of the app, which is then hashed in your own unique way (bad idea)

  3. Use a mixture of the above, aka give users the option of one or two (remember my password checkbox)

Dichromate answered 17/2, 2009 at 1:24 Comment(1)
+1 for #3. Some users may have alternative security schemes in place (e.g. full-disk encryption) that make storing the password in a configuration file an acceptably low risk for them. - Stutsman
3

You pretty well have to store it in a user.

Otherwise you're just substituting some other security mechanism for the one you're asking about...


David's point in the comment on Infamy's answer is well taken. One should allow some flexibility, in case the user is handling protection at a lower layer... So, go vote for Infamy.

Baines answered 17/2, 2009 at 1:17 Comment(0)
2

Hardcoding is inevitable at some point, unless the password is only ever used interactively.

The best thing you can do in a password-in-file situation is make it damn hard to access it in the first place, and then limit what can be done with it if someone does find it. A rule of thumb is that you shouldn't give more privileges to a password stored in a string than one that you have to type at a prompt.

Steamroller answered 17/2, 2009 at 1:53 Comment(0)
2

On Windows you could/should use the DPAPI, the Data Protection API that provides storage encryption.
It's there just for this type of problem.

Encryption of the storage is based on either:

  • the user account, so only the logged-in user can access the data. This makes the data transferable to another PC with the exact same user credentials.
  • the machine, making the data only accessible on that particular machine setup and not transferable to another PC.

There is a dnrTV show with Carl Franklin showing exactly what's needed to implement this, and other encryption functions.
The source code from the show is also available on the page.

There are, of course, lots of other articles on that subject.

Nollie answered 17/2, 2009 at 2:53 Comment(0)
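
The DPAPI approach from the answer above, as an added example that is not part of the original post or of the show's source code: it stores the database pass-phrase as a DPAPI-protected blob on first run and reads it back on later runs. The application name, file path and entropy string are assumptions made for illustration, and the script assumes Windows PowerShell on a Windows machine.

```powershell
# Added example: keep a database pass-phrase in a DPAPI-protected file
# instead of hardcoding it. Names and paths below are hypothetical.
Add-Type -AssemblyName System.Security

# CurrentUser: only the same Windows account can unprotect the blob.
# LocalMachine: any account on this machine can unprotect it.
$Scope     = [System.Security.Cryptography.DataProtectionScope]::CurrentUser
$StorePath = Join-Path $env:LOCALAPPDATA 'ExampleApp\db-passphrase.bin'
# Optional entropy ties the blob to this purpose; it is not a secret.
$Entropy   = [Text.Encoding]::UTF8.GetBytes('ExampleApp/sqlite-passphrase/v1')

function Save-DbPassphrase {
    param([Parameter(Mandatory)][securestring]$Passphrase)
    $bytes = $null
    $bstr  = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Passphrase)
    try {
        $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
        $bytes = [Text.Encoding]::UTF8.GetBytes($plain)
        $blob  = [System.Security.Cryptography.ProtectedData]::Protect($bytes, $Entropy, $Scope)
    } finally {
        # Wipe the plaintext copies we control.
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
        if ($bytes) { [Array]::Clear($bytes, 0, $bytes.Length) }
    }
    New-Item -ItemType Directory -Force -Path (Split-Path $StorePath) | Out-Null
    [IO.File]::WriteAllBytes($StorePath, $blob)
}

function Get-DbPassphrase {
    if (-not (Test-Path $StorePath)) { return $null }
    $blob = [IO.File]::ReadAllBytes($StorePath)
    try {
        $bytes = [System.Security.Cryptography.ProtectedData]::Unprotect($blob, $Entropy, $Scope)
    } catch {
        # Wrong account or machine, wrong entropy, or a modified blob.
        return $null
    }
    try { [Text.Encoding]::UTF8.GetString($bytes) }
    finally { [Array]::Clear($bytes, 0, $bytes.Length) }
}

# First run: prompt once and store the protected blob. Later runs: read it back.
$pass = Get-DbPassphrase
if ($null -eq $pass) {
    Save-DbPassphrase -Passphrase (Read-Host 'Database pass-phrase' -AsSecureString)
    $pass = Get-DbPassphrase
}
# $pass is then passed to the database open call and not written anywhere else.
```

Any code running as the same user (or, with `LocalMachine`, any account on the machine) can call `Unprotect` on the blob, so restrict the file's ACL and treat this as protection for data at rest, not against a compromised session.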
