0

I am writing a simple database application. The program should get database information (host,name,user,pass) and store them for next uses. So I need to encrypt them and store encrypted information in a file. On the other hand I don't want to put any passwords in program code. My question is how should I store key for encryption algorithm in program? (the key used for encrypt database information)

Improve this question
3
  • are you able to use a trusted connection? Commented Mar 18, 2012 at 12:02
  • @Daniel No. How is that related to storing password? Commented Mar 18, 2012 at 12:04
  • possible duplicate: stackoverflow.com/questions/469267/… Commented Mar 18, 2012 at 12:10

2 Answers 2

Reset to default
3

Put the key in an external file and make sure the file permissions allow only the application user to access it.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

If you change the file permissions in Windows (I think from Vista) I think that would have a similar effect.... no?
I have no experience with security in windows. I think it's better to embed password into executable, probably using resources... Thanks
0

You can use a Machine ID such as a CPU sn, but you won't e able to move te file to another system.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.