如何隐藏我的数据库中显示的密码？ [英] How Can I Hide My Password Which Is Displayed In My Database?

问题描述

你好......

我想隐藏我在数据库中显示的密码..

E.g;我有一个html（用户名和密码）的注册表格，这2个保存在我的数据库中..

我不希望密码出现，因为我在数据库的表格中输入密码。 br />
我该怎么做？

任何帮助PLZ ..

谢谢你....

Hello...
I want to hide my password which is displayed in database..
E.g; i have a registering form in html (username & password) and these 2 are saved in my database..
I don't want the password to appear as i entered it in my table in database.
How can i do this?
Any help plz..
Thank u....

推荐答案

您必须对密码应用散列和腌制。请参阅：了解和实施密码哈希和腌制的初学者教程 [ ^ ]

You have to apply hashing and salting to the password. Refer: A Beginner's Tutorial for Understanding and Implementing Password Hashing and Salting[^]

当您让用户直接访问您的数据库时，您必须记住您已授予他们直接访问您的数据库的权限。你不能改变它。没有多少加密或混淆可以使他们有权访问您的数据库。



所以你需要考虑，你真的希望他们能够访问你的数据库？



如果您确实想要授予数据库访问权限，请确保正确设置权限。例如，如果他们只需要读取权限，请确保您提供给他们的用户只有读取权限。



如果您实际上不希望他们访问数据库直接但你希望他们有权访问数据，然后根本不把数据库密码放在你的程序中。例如，您可能希望在数据库前设置Web服务，并让用户查询Web服务。 Web服务将具有数据库密码，但您的用户不会。

When you give your users direct access to your database, then you have to remember that you have given them direct access to your database. You cannot change that. No amount of encryption or obfuscation can take that away that they have access to your database.

So you need to consider, do you really want them to have access to your database?

If you do want to give database access, make sure the permissions are set correctly. For example, if they only need read access, make sure that the user you have given them only has read access.

If you don't actually want them to access the database directly but you want them to have access to the data then don't put the database password in your program at all. You might for example want to set up a web service in front of your database and have your users query the web service. The web service would have the database password, but your users would not.

这篇关于如何隐藏我的数据库中显示的密码？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！