Questions

I am currently working with a junior developer on finishing my company website. We have a space for log-in information but neither of us are quite sure on the easiest most efficient way to store the data we receive from the website. I would like to know what my options are for storing customer information.

You mentioned that you have space to store the data, so I'm assuming that means you're storing it in the usual way (a database). If so the userid is easy: just allocate enough characters to store the longest user ID will allow.

The password is trickier. The easy way to store it is to simply store it the same way as the user ID. However, if someone manages to break into your database (which isn't as difficult as it sounds), they'll be able to steal all the passwords of every user. So this isn't recommended.

You could encrypt the password, and that is better than no protection at all. But even that is not secure, because often once a hacker compromises your systems, they get access to your decryption key and again you expose every password to the hacker, and it's a public relations nightmare.

So the proper way to do it is to use something called a one-way hash. Essentially this is one way encryption... it can be encrypted but never decrypted. This way there is no decryption key that can be stolen and security is the best. If you Google this concept you can find more information on it and find something applicable to your programming language and platform. Good luck.


Answered 10 years ago

Unlock Startups Unlimited

Access 20,000+ Startup Experts, 650+ masterclass videos, 1,000+ in-depth guides, and all the software tools you need to launch and grow quickly.

Already a member? Sign in

Copyright © 2024 Startups.com LLC. All rights reserved.