I'm developing a web application for which final users have to create an account. This part is very easy: I'll hash their passwords with SHA-256 so that nobody, except the user himself, knows the password. Now comes the difficult part. After the user creates an account, he/she has to provide the password of his/her email server. Now the question is: how can I protect this password decently (the password will be stored in a database)? If I encrypt the password with TripleDES, any developer or system administrator would be able to decrypt the password and see it. What is the usual way to deal with such a problem? Many Thanks.
The usual way to do this is to use an symmetric encryption key which is derived from the user's password. The standard way to do this is using the algorithm specified in RFC2898, which generates a set of cryptographically secure bytes you can use as a key and IV. It's probably supported by a library for your language, .NET for example, which is what I use has the Rfc2898DeriveBytes class.
Of course when your user changes their password you will have to decrypt any existing cipher text and then derive the new key and re-encrypt.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With