如何安全地存储用于登录第三方网站的密码 [英] How to securely store passwords used to log in on third party websites

问题描述

首先，我不是想要一种存储我自己网站的密码以允许用户登录的方式（我可以使用密码的盐化哈希值）。

我正在建立一个个人网页，我想在主页上查看我的PayPal余额。为了做到这一点，我需要将我的PayPal凭据存储在MySQL数据库中，所以我可以从PHP中检索，然后在PayPal中登录，并刮掉我的余额。我知道我可以把我的凭据留在PHP脚本上，但是我想让更多的用户使用这个网站（每个用户都登录在我自己网站上注册的自己的帐户）。

所以，我需要的是一种安全的方式来存储我的服务器上的PayPal密码，而不是保存为纯文本。我不太了解加密，所以我想问哪个是最好的方法。

我不知道这个问题是否应该在程序员的网站上或者是在这里;对不起，如果我错了。

谢谢。

解决方案

答案是不要这样做。

回答您的第二个问题：

< blockquote>

Google电子钱包或PayPal如何存储您的信用卡安全
号码和详细信息

您可以先阅读有关 PCI合规性的信息，非常有趣的是费用页。

First of all, I am not lookig for a way to store the passwords of my own site to allow users to log in (which I could easily do using salted hashes of the password).

I am building a personal web page where I would like to be able to check my PayPal balance on the home page. To do that, I need to store my PayPal credentials in a MySQL database, so I can retrieve it later from PHP to log-in in PayPal and scrape my balance. I know I could just leave my credentials on the PHP script, but I want to allow some more users to use this website (each user logs in on his own account registered on my website).

So, what I need is a secure way to store the PayPal passwords on my server and not being saved in plain text. I do not know much about encryption, so I would like to ask which is the best way to make this.

I am not sure if this question should go on programmers site or it is right here; sorry if I did wrong.

Thanks.

解决方案

The appropriate answer is "Do not do this".

To answer your second question:

How does Google Wallet or Paypal store your Credit Cards security number and details

You can start by reading about PCI Compliance with the very fun page of fees.

这篇关于如何安全地存储用于登录第三方网站的密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！