maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Development (https://talk.maemo.org/forumdisplay.php?f=13)
-   -   qt storing passwords in DB (https://talk.maemo.org/showthread.php?t=93438)

m4r0v3r 2014-07-12 14:26
qt storing passwords in DB
 
so am trying to create a VNC client for sailfish, albeit badly, and saving multiple client entries in a DB, but how would I securely save a password. Would I hash it and then save it, but what about when I need to actually use it for logging in.

Or realistically is this not possible

pycage 2014-07-13 08:49
Re: qt storing passwords in DB
 
Hashing is good if you don't ever need to use the actual password, but only compare it to what the user has entered. In your case, you need the password, though.
You could store it encrypted (e.g. with the Blowfish algorithm) on device.
Cargo Dock (https://github.com/pycage/cargodock) is an example of how Blowfish is used to encrypt passwords.

smoku 2014-07-13 12:41
Re: qt storing passwords in DB
 
Encrypting with a hardcoded secret is no better than ROT13.
So you need some kind of password-wallet, secured with a password given by the user.

nieldk 2014-07-13 15:08
Re: qt storing passwords in DB
 
Quote:
Originally Posted by smoku (Post 1432607)
Encrypting with a hardcoded secret is no better than ROT13.
So you need some kind of password-wallet, secured with a password given by the user.
just salt the encryption key with a user PIN


All times are GMT. The time now is 16:33.

vBulletin® Version 3.8.8