Security Users table with naked passwords

Plateforme Level Extreme

Abonnement

Profil corporatif

Produits & Services

Support

Légal

English

Security Users table with naked passwords

Message

16/07/2004 08:08:45

Carl Olson
Cerelogic, Inc
Winston, Georgie, États-Unis

16/07/2004 07:34:00

Tony Scarpelli
Maine Medical Center
Portland, Maine, États-Unis

Information générale

Forum:

ASP.NET

Catégorie:

The Mere Mortals .NET Framework

Titre:

Re: Security Users table with naked passwords

Divers

Thread ID:

00925092

Message ID:

00925100

Vues:

What you say is true... the passwords are clearly visible. This, in my opinion, is the single biggest flaw of the framework. I feel that this should be addressed within the framework - and hopefully it would be the topmost priority of any bug fix or enhancement to the framework.

Regards,
Carl.

>In the Users table the password is visible and not encrypted in any way.
>
>Is this a problem?
>
>Since I am not the administrator of our SQL Server can't administrators look at these tables and see those passwords?
>
>This application is for a Purchasing system and Internal Auditing would have a fit about this.
>
>Should I be developing a method to encrypt those passwords so no one can see them?
>
>Thanks.

Carl Olson, Jr.
CEO, Founder
Cerelogic, Inc.

www.cerelogic.com

"Applying rocket science to business."

Répondre

Fil

Voir

Click here to load this message in the networking platform