php - symfony securing passwords in cleartext

  • (2 Pages)
  • +
  • 1
  • 2

16 Replies - 447 Views - Last Post: 06 November 2017 - 11:25 AM Rate Topic: -----

#16 CTphpnwb  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 3714
  • Posts: 13,468
  • Joined: 08-August 08

Re: php - symfony securing passwords in cleartext

Posted 06 November 2017 - 11:19 AM

Are you going to write code that alters the config file? There's a reason passwords expire on systems where they want a high level of security.
Was This Post Helpful? 0
  • +
  • -

#17 ArtificialSoldier  Icon User is offline

  • D.I.C Lover
  • member icon

Reputation: 1828
  • View blog
  • Posts: 5,755
  • Joined: 15-January 14

Re: php - symfony securing passwords in cleartext

Posted 06 November 2017 - 11:25 AM

That's what I was trying to suggest - I don't see much of a point of trying to encrypt something like that. You only need to store the database password in a file, and you can disallow remote connections to the database, so even if they somehow get the password they still can't connect to the database. Also, yeah, storing the config file outside of the document root is good also. Concentrate on securing the entire server instead of worrying about a password in a config file.
Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2