List:General Discussion« Previous MessageNext Message »
From:Doug Thompson Date:December 12 2001 11:33pm
Subject:Re: No Database Encryption
View as plain text  
Yes.
1.  Read the manual sections concerning setting up new accounts with special emphasis on
passwords.
2.  When you thoroughly understand those matters, take the issue to the system
administrator and/or management.

hth,

Doug

Only two things are infinite, the universe and human stupidity, and I'm not sure about the
former. 
-- Albert Einstein 



On Wed, 12 Dec 2001 15:55:04 -0700, James McLaughlin wrote:

>The new programmer for our company is not using the dataType "password" or 
>any encryption what so ever for our user accounts (accounts that our 
>customers use for getting into our system) in our database.
>
>Instead he is using the VarChar dataType.
>
>Can someone explain to me how I can exploit this and show them it is very 
>dangerous.  
>
>
>
>Thanks
>
>James
>
>---------------------------------------------------------------------
>Before posting, please check:
>   http://www.mysql.com/manual.php   (the manual)
>   http://lists.mysql.com/           (the list archive)
>
>To request this thread, e-mail <mysql-thread93820@stripped>
>To unsubscribe, e-mail
> <mysql-unsubscribe-dthompson=brickbarn.com@stripped>
>Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
>





Thread
No Database EncryptionJames McLaughlin12 Dec
  • Re: No Database Encryptiontc lewis12 Dec
  • Re: No Database EncryptionDan Nelson13 Dec
  • Password encryptionST Ooi13 Dec
    • Re: Password encryptiontc lewis13 Dec
    • Re: Password encryptionsherzodR13 Dec
      • Re: Password encryptionWilliam R. Mussatto13 Dec
Re: No Database EncryptionDoug Thompson13 Dec
RE: No Database EncryptionDuncan Maitland13 Dec