|
My software package will install PostGreSQL on the server,
and clients will connect to it with a windows smart client application. What
would be the best way to keep the PostGreSQL usernames and passwords secure? I will be doing a silent install of the database, and
obviously this will require a service username and password. Should I hardcode
the service username and password? Or should I let the person installing the
software enter their own username and password for the server? Also, what should I do when it comes to the actual user for
the database? How should I handle these details? This software will be
installed on many different Pc’s by many different people. Can I use OpenSSL to secure communications between the
clients and the server? Thanks |
