https://kotlinlang.org logo
#getting-started
Title
# getting-started
b

Brian Donovan

10/01/2021, 5:12 PM
what is the most/ a popular library companies use to store sensitive information like social security number, passwords, etc. into a database?
v

Vampire

10/01/2021, 6:49 PM
Never ever ever ever ever ever write any password to any database or other persistent storage. That is a very big security no-no.
Always only write password hashes to the storage, then there is no way the password could be extracted by any vulnerability or similar
b

Brian Donovan

10/01/2021, 6:51 PM
ty!
v

Vampire

10/01/2021, 6:53 PM
scrypt is currently pretty good as password "hash" afair
1
c

CLOVIS

10/01/2021, 7:05 PM
Also never store authentication tokens. Exact same reason
k

Klitos Kyriacou

10/04/2021, 8:44 AM
Hashes are generally one-way only, so if the application being written is a password manager, it would require the ability to transform in both directions.
v

Vampire

10/04/2021, 9:14 AM
Of course, but that is pretty unlikely with that question. 😄
5 Views