From: | Alvaro Herrera <alvherre(at)commandprompt(dot)com> |
---|---|
To: | Ron Johnson <ron(dot)l(dot)johnson(at)cox(dot)net> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: Encrypted column |
Date: | 2007-06-05 13:59:51 |
Message-ID: | 20070605135951.GB8140@alvh.no-ip.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general pgsql-sql |
Ron Johnson wrote:
> On 06/04/07 17:54, Guy Rouillier wrote:
> >Many people consider two-way encryption to be insecure; two-way
> >encryption means you can decrypt a value if you know the key, and it is
> >insecure because you usually have to put the key into the source code.
> >That means at least one person in your company, the programmer
> >maintaining the source code, can learn all of your users' passwords.
>
> Two-way encryption is needed for companies that store customer
> credit cards.
I thought that the advice for companies storing customer CCs was: don't.
--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
From | Date | Subject | |
---|---|---|---|
Next Message | Richard Broersma Jr | 2007-06-05 14:07:29 | Re: CREATE RULE with WHERE clause |
Previous Message | Andrew Sullivan | 2007-06-05 13:51:24 | Re: Database design wisdom needed |
From | Date | Subject | |
---|---|---|---|
Next Message | Richard Broersma Jr | 2007-06-05 14:07:29 | Re: CREATE RULE with WHERE clause |
Previous Message | Sean Davis | 2007-06-05 13:42:27 | Re: JOIN |