Re: Encrypting user information and Data Retention Laws (US)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matty Sarro wrote:
Hey all! I am working on a DB app atm, and I would like to encrypt all user
information, or hash it (I still haven't finalized the design).

My immediate thought for this is it's going to be difficult if you need to undo the hashing. Hash'es are one-way, they cannot be undone (by design) so if you need to have a way to go back to the original, you can't use a hash.

You can encrypt the data (see http://www.php.net/mcrypt) and that is two way but make sure you keep the encryption key outside of the document root of the webserver or something so it can't be viewed through a security issue in your webserver.

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [PHP Users]     [Postgresql Discussion]     [Kernel Newbies]     [Postgresql]     [Yosemite News]

  Powered by Linux