
I'm creating an application that will need to store information and later retrieve it to display to a user. This information will be considered sensitive and could include a temporary password for a particular site for an employee. I believe I understand that passwords should just be stored as their hash, and then you can check whether the input's hash matches what you have stored in your database.

My question is: Ethically, storing this information in plain text seems sketchy at best, if not something that, as a programmer, I consider borderline illegal. How can I store this information and retrieve it later? Sites like LastPass accomplish this, but I'm not creating a password manager, nor is that something that I think I can accomplish and say, "Yes, this is secure; the user's passwords will never be seen except by the user". What other methods would be viable for this?

Some features I'm thinking about including are having the logins for the users be wiped after x amount of days or even after they are used, but there is still a window of opportunity for those passwords to be stolen. Anything else I could include or do differently? Is there a possibility where I could prevent these passwords from being on the database at all?

Stevenfowler16

1 Answer

Here is the code that I used to encrypt the password and then decrypt the password back. Let me know if you face any issue.

mysql> create table test_2(id int, password varchar(500));
Query OK, 0 rows affected (0.21 sec)

mysql> select * from test_2;
Empty set (0.00 sec)

mysql> insert into test_2 values(1,DES_ENCRYPT('abc123@##','password'));
Query OK, 1 row affected, 1 warning (0.08 sec)

mysql> select * from test_2;
+------+---------------------------+
| id   | password                  |
+------+---------------------------+
|    1 | ÿö5r¢ÍòšMÀcEL]         |
+------+---------------------------+
1 row in set (0.00 sec)

mysql> select id,DES_DECRYPT(password,'password') as real_password from test_2;
+------+---------------+
| id   | real_password |
+------+---------------+
|    1 | abc123@##     |
+------+---------------+
1 row in set, 1 warning (0.05 sec)
  • If I am not mistaken, even with the local connection not sending that information over the network, these queries could still end up in a plain text log. – Uueerdo May 04 '18 at 21:01
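The comment above is the key objection to the DES_ENCRYPT approach: the plaintext and the key both sit inside the SQL statement, so they land in the query log. The added example below (not part of the answer or the question) shows the alternative of encrypting in the application with AES-256-GCM before the INSERT, so only an opaque blob ever reaches MySQL, and of stamping each row with the expiry the question asks about; the 32-byte key, its env/KMS source, and the row layout are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
	"time"
)

// StoredSecret is the database row: ciphertext only, never plaintext or key.
type StoredSecret struct {
	ID        int
	ExpiresAt time.Time
	Blob      []byte // nonce || AES-GCM ciphertext || tag
}
// newAEAD: AES-256-GCM from a 32-byte key the app loads from env/KMS (assumed).
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Seal encrypts a temporary password with a fresh random nonce and an expiry;
// the row id is authenticated data, so a blob cannot be moved to another row.
func Seal(key []byte, id int, plaintext string, ttl time.Duration) (StoredSecret, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return StoredSecret{}, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return StoredSecret{}, err
	}
	ct := aead.Seal(nil, nonce, []byte(plaintext), []byte(fmt.Sprint(id)))
	return StoredSecret{ID: id, ExpiresAt: time.Now().Add(ttl), Blob: append(nonce, ct...)}, nil
}

// Open refuses expired rows and any blob whose key, row id or bytes do not match.
func Open(key []byte, s StoredSecret, now time.Time) (string, error) {
	if !now.Before(s.ExpiresAt) {
		return "", fmt.Errorf("secret %d expired at %s", s.ID, s.ExpiresAt)
	}
	aead, err := newAEAD(key)
	if err != nil || len(s.Blob) < aead.NonceSize() {
		return "", fmt.Errorf("bad key or truncated blob")
	}
	n := aead.NonceSize()
	pt, err := aead.Open(nil, s.Blob[:n], s.Blob[n:], []byte(fmt.Sprint(s.ID)))
	return string(pt), err // non-nil err on wrong key, wrong row id or tampering
}
```

The INSERT then carries only `s.ID`, `s.ExpiresAt` and `s.Blob` as bound parameters, and a scheduled `DELETE ... WHERE expires_at < NOW()` removes rows once the window the question describes has closed.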