[OWASP_PHPSEC] Encryption?

Abbas Naderi abiusx at owasp.org
Tue May 28 18:31:16 UTC 2013


Hi Rahul,
We would be needing information in our storage library, to store sensitive information such as database credentials.
Of course its not bullet proof, but prevents leakage via a simple LFI.
-Abbas
On ۷ خرداد ۱۳۹۲, at ۲۲:۵۲, rahul chaudhary <rahul300chaudhary400 at gmail.com> wrote:

> Hi all,
> Do we really need encryption/decryption? If yes then where? Because transactions will anyway would be secured by HTTPS and locally only hashes are stored.
> 
> One place i can think of is to encrypt the whole db while making backups.
> 
> Also would it be wise to implement hash-chaining?
> 
> _______________________________________________
> OWASP_PHP_Security_Project mailing list
> OWASP_PHP_Security_Project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp_php_security_project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp_php_security_project/attachments/20130528/4f88a76b/attachment-0001.html>


More information about the OWASP_PHP_Security_Project mailing list