I'm creating an application similar to phpMyAdmin (a database management UI). The user needs to authenticate himself against the database, and the application needs to store the credentials somehow. SSL is not an option for all installs.
- Idea 1: User sends credentials; the application stores the username and encrypts the password using a predefined Blowfish secret key (config.ini.php). This is what phpMyAdmin does.
- Idea 2: The login form creates a random Blowfish secret (JavaScript); the user sends the login credentials; the application encrypts user/password and stores them server-side in the session; the secret key is stored in a cookie and sent with every request.
Idea 1: Problem if server security is breached. (Key is in config, session data in /tmp)
Idea 2: Problem with man-in-the-middle attack. (Key + credentials are sent)
Any other suggestions? Criticism?
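One way to implement Idea 2 with the secret generated server-side rather than in JavaScript, as an added example that is not part of the question: the credentials are encrypted with libsodium's authenticated secretbox and kept in the PHP session, while the key lives only in an HttpOnly cookie, so a copy of the session store alone does not yield the password. It assumes PHP 7.2+ with the sodium extension; the cookie name and function names are the example's own.

```php
<?php
// Added example (not from the question): split-key storage of DB credentials.
// Server-side session holds the ciphertext, client cookie holds the key.
// Assumes PHP >= 7.2 with ext/sodium; session_start() has already been called.

const CRED_COOKIE = 'dbkey';   // hypothetical cookie name

function store_db_credentials(string $user, string $password): void
{
    $key   = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    // secretbox = XSalsa20 + Poly1305: tampering with the session file is detected
    $box   = sodium_crypto_secretbox(json_encode([$user, $password]), $nonce, $key);

    session_regenerate_id(true);                  // fresh session id after login
    $_SESSION['db_cred'] = ['nonce' => $nonce, 'box' => $box];

    // HttpOnly keeps the key away from page scripts; Secure only when TLS is on,
    // since the question says SSL is not available on every install.
    setcookie(CRED_COOKIE,
        sodium_bin2base64($key, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING),
        ['httponly' => true, 'samesite' => 'Strict',
         'secure'   => !empty($_SERVER['HTTPS'])]);

    sodium_memzero($password);                    // wipe plaintext copies
    sodium_memzero($key);
}

// Returns [user, password], or null when either half is missing or tampered.
function load_db_credentials(): ?array
{
    if (empty($_SESSION['db_cred']) || empty($_COOKIE[CRED_COOKIE])) {
        return null;
    }
    try {
        $key = sodium_base642bin($_COOKIE[CRED_COOKIE],
                                 SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
    } catch (SodiumException $e) {
        return null;                              // malformed cookie
    }
    if (strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        return null;
    }
    $plain = sodium_crypto_secretbox_open($_SESSION['db_cred']['box'],
                                          $_SESSION['db_cred']['nonce'], $key);
    return $plain === false ? null : json_decode($plain, true);
}
```

Without TLS the cookie and the login POST still travel in clear, so this only narrows the server-side exposure the question describes for Idea 1; it does not address the man-in-the-middle concern raised for Idea 2.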