I've been looking for measures to take for proper encryption. I've had my website attacked once before and was not prepared. Took me almost 48 hours to get back up and running. It's a small team that I work with so I want to make sure I never have to work out those kinks again. Since a lot of experts have been lately pushing security and encryption, it seems that "over-preparing" for a data breach is better than standing pat (some might call is "over-reacting" but I'd rather be safe than sorry).
I've had recommendations for using MyCrypt PHP Library with Cipher Block Chaining (CBC) mode, and it seems smoother than the Electronic Codebook (ECB) mode that I was using.
I've found helpful scripts online, but some can be a bit taxing when I need to decrypt around 30 data-strings in a single page. It takes about 10 secs to decrypt one at my current rate.
Suggestions?
Ensuring proper encryption
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Re: Ensuring proper encryption
It is not clear what you are encrypting or how your site was attacked/vulnerable before. Why do you need to "around 30 data-strings in a single page"?
(#10850)