Application passwords and SQLite security Application passwords and SQLite security sqlite sqlite

Application passwords and SQLite security


database security sqlite passwords privacy

1) Password recovery is dangerous. The strength of the password is undermined by the answer to a question, this is the principal of the weakest link. Sara Palin's email hack was made possible because of this (very) insecure feature. Also if you store the password in a "recoverable format" as in a block cipher like AES or stream cipher like RC4 or an asymmetric cipher like RSA then you are in clear violation of CWE-257. If you really need this feature, you must require that the user reset their password, if they don't know it, then why would you need tell them?

Passwords must always be hashed using a secure message digest. Currently many message digest functions are insecure, md4, md5, sha0 and sha1 are all very broken and should never be used for passwords. Currently any member of the sha2 family is the best function to use, I recommend SHA-256. NIST is currently holding a contest for sha3 and it won't be finalized until sometime in 2012.

Passwords must also be "salted" with a large random value. This could be another column in your database which is then appended to the plain text password before passing it to your message digest function. This makes dictionary attacks impossible unless the attacker can obtain the salt, it also makes pre-computed attacks far more resource intensive to conduct successfully. Despite popular knowledge, salting does not stop rainbow tables, it just means you need a MUCH LARGER set of rainbow tables.

2)Where are you going to put the key for your encrypted database? Sqlite is just a file you could encrypt this and then decrypt it when you app starts up, this just adds some load time but at runtime it will be just as fast. The real problem is there there is absolutely no place you can put a secret on the device that an attacker cannot obtain. An attacker has more control over the device than you do, an attacker can jailbreak the device and do whatever they want. Even if the key is transfered at runtime it can still be obtained by looking at the device's memory. Any efforts to encrypt the database can be undermined, it can make it more difficult but it won't stop a skilled hacker.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last