[nycphp-talk] Encrypt and decrypt to store in DB
Allen Shaw
ashaw at polymerdb.org
Fri Aug 4 13:34:33 EDT 2006
tedd wrote:
> It is plausible for the client/provider to agree on a verbal key and
> not have it on the server, like a password? Once you hash a "strong"
> password, it becomes pretty hard to crack it.
>
Well, I was thinking the same thing. Essentially you don't store the
key on the server but submit it from the client side.
> I don't know, just asking for discussion.
Ditto. Expecting there must be reasons why greater minds wouldn't use
this approach, but not knowing what they are...
- Allen
--
Allen Shaw
Polymer (http://polymerdb.org)
More information about the talk
mailing list