
One technique is to store another string (a pepper) outside of the database (assuming the salt is stored with the records) which is used along with the salt to encrypt each password. This way, if only the database is compromised, and not the config file or env variable holding the pepper, you're in better shape.
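As an added example (not code from the thread), here is one way to combine a per-record salt with a pepper kept outside the database in Python; the PEPPER value, the iteration count and the function names are assumptions for the demo, and the pepper is mixed in with HMAC before the salted PBKDF2 step so that a dump of (salt, digest) alone cannot be verified without it.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed demo values. In a real deployment the pepper is loaded from a
# config file or environment variable (e.g. os.environ["PEPPER"]) and is never
# written to the database; the salt is stored alongside each user record.
PEPPER = b"demo-pepper-kept-in-config-not-in-db"
ITERATIONS = 200_000  # assumed work factor for the demo


def hash_password(password: str, pepper: bytes,
                  salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, digest). Only the salt goes into the database row."""
    if salt is None:
        salt = os.urandom(16)
    # Bind the pepper to the password first; without the pepper an attacker
    # holding (salt, digest) cannot even start an offline guessing run.
    peppered = hmac.new(pepper, password.encode("utf-8"), hashlib.sha256).digest()
    digest = hashlib.pbkdf2_hmac("sha256", peppered, salt, ITERATIONS)
    return salt, digest


def verify_password(password: str, pepper: bytes,
                    salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and the out-of-band pepper, compare in constant time."""
    _, candidate = hash_password(password, pepper, salt)
    return hmac.compare_digest(candidate, digest)


def guess_with_db_dump_only(password_guess: str, salt: bytes, digest: bytes) -> bool:
    """Model an attacker who dumped the DB but not the config: they have salt and
    digest but no pepper, so the best they can do is hash the guess without it."""
    candidate = hashlib.pbkdf2_hmac("sha256", password_guess.encode("utf-8"),
                                    salt, ITERATIONS)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    salt, digest = hash_password("correct horse battery staple", PEPPER)
    print("app server (salt + pepper):", verify_password("correct horse battery staple", PEPPER, salt, digest))
    print("db dump only (salt, no pepper):", guess_with_db_dump_only("correct horse battery staple", salt, digest))
```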



If they got to the database, what makes you think they didn't get to the app server?


Although they theoretically could have, a lot of these hacks are done via SQL Injection, which is a step below having direct access to the machines. You can often leverage SQL injection further to do just that, but it takes more work/luck/skill than just dumping the DB. So it's not a given that they got filesystem access, but we shouldn't assume that they didn't either.


This could be the result of SQL injection or some other application-level attack.


Or possibly just a lost backup tape.


If some backup tapes might go out of the building, they'd better be encrypted...


I certainly DO hope that some backup tapes go out of the building. Offsite backups are a good thing.


The fact that one of the points of having a three-tiered architecture is improved security?



