Encrypting without secrets
Do you have a Web site or other system that deals in secrets of any sort? It seems like every time I give a security talk, people ask how to deal with the sticky problem of storing secrets. Connection strings with passwords are an obvious problem. You're better off simply using integrated security to get rid of those secrets, at least with SQL Server™, or an Oracle database. But what about credit card numbers and other financial or personal information? Can encryption help?
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.