encrypting everything
Moderator: General Moderators
encrypting everything
I just read in cnet that a company was suit because a hacker was able to steal emails and passwords (using sql injection). They argue that the email should have been encrypted. I understand password being encrypted and data like ssn. But emails? Every piece of data could be consider important, the name, the phone, address, etc? Are you guys encrypting everything now a days?
Re: encrypting everything
No, I rather make sure I'm not vulnerable to injections in the first place 
(And as for encrypting passwords: you shouldn't store passwords at all, just hashes)
(And as for encrypting passwords: you shouldn't store passwords at all, just hashes)
Re: encrypting everything
I never store passwords, and everything else is plaintext.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
- Bill H
- DevNet Resident
- Posts: 1136
- Joined: Sat Jun 01, 2002 10:16 am
- Location: San Diego CA
- Contact:
Re: encrypting everything
User: I forgot my password.
Me: Okay.
User: Can you tell me what it is?
Me: No. I can reset it to "foobash" for you.
User: I don't want that one, I want it to be what it was.
Me: You forgot what it was.
User: But I want you to tell me what it was.
Me: I don't know what it was.
User: But can't you find out?
Me: No, it's your password, not mine.
User: But if you make it "foobash" you'll know what it is.
Me: Only until you use it to get in and change it to something that I don't know.
User: But what if I forget it again?
Me: Then I'll reset it to "foobash" again.
User: You still won't be able to tell me what it is?
Some people just don't understand this whole encryption thing.
Me: Okay.
User: Can you tell me what it is?
Me: No. I can reset it to "foobash" for you.
User: I don't want that one, I want it to be what it was.
Me: You forgot what it was.
User: But I want you to tell me what it was.
Me: I don't know what it was.
User: But can't you find out?
Me: No, it's your password, not mine.
User: But if you make it "foobash" you'll know what it is.
Me: Only until you use it to get in and change it to something that I don't know.
User: But what if I forget it again?
Me: Then I'll reset it to "foobash" again.
User: You still won't be able to tell me what it is?
Some people just don't understand this whole encryption thing.
Re: encrypting everything
To be fair, this a distinct difference between hashing and encrypting. You can get a persons password back if you merely encrypt it. Credit card numbers are stored encrypted. They can be unencrypted.
However, there comes a point in time when you have to weigh convenience with security. I know we all like to say that security is the most important thing, but then the reality is, we would really be encrypting everything. Of course, this is not really feasible.
Consider if you encrypted users data to their username and password. Now, you are smart and build in the ability to change the data when the user changes his password. But what happens to the users data when they forget their password?
Encryption really is security through obscurity. It's hiding the data with a password. That's really all it's doing. If someone get's access to data that is encrypted, the encryption isn't some magical protection. The data is reversible. Even more so, if the person gets access to your database AND your server, they can most likely find your encryption method, and reverse it to decrypt everything.
Okay, so I've babbled. Anyways, the point is simple. Protecting user data is important, but encryption is merely a reasonable protective measure for highly sensitive data. There is a reason there is a lot more to credit card processing then merely encrypting the data you store. Best practices, security policies, secure data transfer, patched and up-to-date software: all these things are critical.
Just something to think about.
However, there comes a point in time when you have to weigh convenience with security. I know we all like to say that security is the most important thing, but then the reality is, we would really be encrypting everything. Of course, this is not really feasible.
Consider if you encrypted users data to their username and password. Now, you are smart and build in the ability to change the data when the user changes his password. But what happens to the users data when they forget their password?
Encryption really is security through obscurity. It's hiding the data with a password. That's really all it's doing. If someone get's access to data that is encrypted, the encryption isn't some magical protection. The data is reversible. Even more so, if the person gets access to your database AND your server, they can most likely find your encryption method, and reverse it to decrypt everything.
Okay, so I've babbled. Anyways, the point is simple. Protecting user data is important, but encryption is merely a reasonable protective measure for highly sensitive data. There is a reason there is a lot more to credit card processing then merely encrypting the data you store. Best practices, security policies, secure data transfer, patched and up-to-date software: all these things are critical.
Just something to think about.