我的项目构想和想法 [英] My Project Idea and thoughts..
问题描述
请阅读它,很高兴收到您的评论和建议.
与朋友和知识渊博的人讨论后,我发现好的项目就是对实时应用有用的项目.因此,我决定建立一个名为"Password Encryptor and Saver"的项目.
这是因为许多人忘记了电子邮件帐户和各种其他帐户的密码.因此,我决定开发一种具有MS Access数据库的软件,当用户在其中输入电子邮件和密码时,它将存储这些电子邮件和密码.
但这可能很容易受到攻击,就好像有人可以访问数据库时,他可以拥有所有用户的ID和密码.为避免这种情况,我将使用各种加密技术对密码进行加密,然后将加密的密码存储在数据库中.当用户想要检索密码时,它将使用用于加密的密钥解密该密码.
可能会出现问题
1> MS Access数据库与我的软件的连接性.
2>电子邮件ID是很多人都知道的,因此当其他用户输入另一个ID时,他可能会获得密码.
解决方案浮现在我的脑海..
我们可能必须创建两个数据库,一个用于登录软件,另一个用于将密码存储在数据库中.用户在软件中注册后,可能会得到一个通行证(密钥),他将在登录时输入该通行证.该密钥将与他的条目一起存储在其他数据库中以供参考.
请发送建议......
Please read it and I am excited for comments and suggestions are welcomed.
After discussing with friends and knowledgeable people, I found that good project is that which is useful in real time applications. So I decided for to build a project named "Password Encryptor and Saver".
This comes from fact that many people forget there password of email accounts and various other accounts. So I decided to develop a software which will have MS access database and it will store these emails and passwords when users enter them in it.
But this might be vulnerable as if someone get access to database he can have all users id and password. To avoid that I will encrypt passwords using various encryption techniques and then store encrypted passwords in database. When user wants to retrieve passwords it will decrypt that password with key used to encrypt it.
Problems may arise are
1> Connectivity of MS Access database with my software.
2> Email id are known to lot of people so when other user enter another id he may get the password.
Solution come to my mind..
We may have to create two databases one for Login into software and other to store password in database. Once user register with software he may be given a pass(key) which he will enter at login time. This key will be stored with his entries in other database for reference..
Please send suggestions......
推荐答案
不要使用MS Access.那根本没有好处-更不用说安全了.
Java中有一个本地数据库,称为Derby.检查那个.
好处是拥有该数据库以及构建应用程序所需的全部资源.另外,该数据库也不可供任何用户访问.
另外,您还应该在数据库中对密码String进行加密,因此,如果有人设法查看该值,他仍然无法弄清楚该值.
Don''t use MS Access. That is no good at all - not to speak about security.
There is a native Database in Java called Derby. Check that one.
Benefit is to have that DB and all that is needed for the application to be build in. Also is the DB not accessible for any user.
Also should you encrypt the password String in the database, so if anyone manages to see the value, he''s still not be able to figure it out.
不要重塑轮,但是如果需要的话,请看看KeePass团队是如何做到的.该开源解决方案实际上是人们为此目的广泛使用的解决方案.通过检查此项目中的UI,您可以更好地了解维护用户凭证数据库所涉及的内容.
Don''t reinvent the wheel, but if you must then please take a look at how the KeePass team did it. That open source solution is the one that is actually widely used by people for this purpose. By examining the UI in this project, you may garner a much better understanding of what is involved in maintaining a user credential database.
这篇关于我的项目构想和想法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
