For Programmers: Free Programming Magazines  


Home > Archive > PHP DB > February 2008 > Re: [PHP-DB] Encrypting user information and Data Retention Laws









You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

 

Author Re: [PHP-DB] Encrypting user information and Data Retention Laws
Chris

2008-02-24, 7:05 pm

Matty Sarro wrote:
> Hey all! I am working on a DB app atm, and I would like to encrypt all user
> information, or hash it (I still haven't finalized the design).

My immediate thought for this is it's going to be difficult if you need
to undo the hashing. Hash'es are one-way, they cannot be undone (by
design) so if you need to have a way to go back to the original, you
can't use a hash.

You can encrypt the data (see http://www.php.net/mcrypt) and that is two
way but make sure you keep the encryption key outside of the document
root of the webserver or something so it can't be viewed through a
security issue in your webserver.

--
Postgresql & php tutorials
http://www.designmagick.com/
Sponsored Links







Also available: Server administration forum archive | Web Design forum archive | Software forum archive | Hardware reviews archive

Copyright 2008 codecomments.com