Mysql odbc connection string is stored in the windows registry as plain text. So someone can find it and view my database.
How can I sort out this security problem.
thanks
views:
233answers:
2
A:
you can set permissions on Windows Registry key folders (XP) to deny access to users and groups. Right-click the item in the folder panel and select "Permissions..."
good luck MikeD
MikeD
2009-11-19 12:25:58
Thanks for your response. The server is set-up in a very secure way e.g SSL for FTP and two factor authentication for Remote desktop. But the problem is if somebody does get onto the server, they can see the password for the database login.I was thinking about encrypting the password within the DNSless string and having a key in a external file to unecrypt it. But the problem still remains if someone finds the key they can get the password.Do you have any other suggestions.
Jason
2009-11-19 12:51:01
A:
Thanks for your response. The server is set-up in a very secure way e.g SSL for FTP and two factor authentication for Remote desktop. But the problem is if somebody does get onto the server, they can see the password for the database login.
I was thinking about encrypting the password within the DNSless string and having a key in a external file to unecrypt it. But the problem still remains if someone finds the key they can get the password.
Do you have any other suggestions.
Jason
2009-11-19 12:47:20