Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Software

+ - Secure Application Password Management

Submitted by JPyObjC Dude
JPyObjC Dude (772176) writes "When designing any system that requires automated privileged access to databases or services, developers often rely on hard coding (embedding) passwords within the source code. This is obviously a bad practice as the password is then made available to anybody who has access to the source code (eg. software source control). Putting the passwords in configuration files is another practice but it is still quite insecure as cracking hashed passwords from a text file is still a trivial exercise.

[Q] What do you do to manage your application passwords so that your system can stil run completely automated and yet make it as difficult for hackers to get their hands on this precious information?"

When you go out to buy, don't show your silver.

Working...