Menu
In my last question "Portable database for storing secrets" the best answer until now tell to use sqlite-crypt.
Reading sqlite-crypt docs, the new param for open the database is the pass-phrase. Of course, I don't want hardcode the password, so I was thinking what the best, simple and fast method to store that password?
576
Hardcoded Passwords, also often referred to as Embedded Credentials, are plain text passwords or other secrets in source code. Password hardcoding refers to the practice of embedding plain text (non-encrypted) passwords and other secrets (SSH Keys, DevOps secrets, etc.)
(1) A part of a program that has been declared as unchanging. For example, a constant is hard coded and remains the same throughout the execution of the program. (2) Programming code that solves a problem but offers less flexibility for future changes.
Some options.
Ask the user for a passkey (aka they memorize one password to get to all their password) (good idea)
Create a key on the first startup of the app, which is then hashed in your own unique way (bad idea)
Use a mixture of the above, aka give users the options of one, or two (remember my password checkbox)
106
You pretty well have to store it in a user.
Otherwise you're just substituting some other security mechanism for the one you're asking about...
David's point in the comment on Infamy's answer is well taken. One should allow some flexibility, in case the user is handling protection at a lower layer... So, go vote for Infamy.
29
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
