user99545

Reputation: 1173

Creating a secure configuration file that contains passwords

I am developing an application that works with PostgreSQL and other database features that require a username and password to log in to the remote server to store the data. The user has to be able to set the username and password, which would then be stored in a configuration file on disk. The problem is that anybody can open the configuration file and read the credentials, creating a serious security problem.

I have done some research on encrypting the whole configuration file and then decrypting it when needed, but the problem is that a hacker could put the program through a debugger and easily find out the decryption key. What is the best method to keep configuration data secret on Windows using C/C++?

Upvotes: 0

Views: 2121

Answers (2)

Andrei

Reputation: 5015

> The user has to be able to set the username and password which would then be stored in a configuration file on disk

This is the weak spot and this is what you need to change. (On a side note, is the password you store never going to change? That's another security weak spot.)

As stated in Eugen Rieck's answer, if the attacker has physical access to your system, he will, in time, break all your defenses.

The simple solution is clear: don't let him have access to the system that handles security/authorization. Have the SQL server on a dedicated, remote machine and let it handle the username/password validation.

Or, make your app multi-tiered, with a part on a remote machine that handles the user authentication and routes your DB queries.

This will mean that your user will have to log in every time they start your application. (Preferably also after a pre-set period of inactivity.)

It all depends on how safe you need to be. It's important to understand that security is not easy to create and you should always try to use existing frameworks if possible.

Upvotes: 0
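The login-at-every-start approach with an inactivity timeout described in the answer above, as an added example that is not code from the question or from either answer: credentials are held only in memory and wiped when the session goes idle. All names (`session_t`, `session_login`, `session_password`) and the 15-minute limit are assumptions made for illustration.

```c
#include <string.h>
#include <time.h>

#define CRED_MAX 128
#define IDLE_LIMIT_SECONDS 900 /* assumed 15-minute inactivity window */

/* Credentials live only in this struct in memory, never in a file on disk. */
typedef struct {
    char user[CRED_MAX];
    char password[CRED_MAX];
    time_t last_activity;
    int active;
} session_t;

/* Overwrite through a volatile pointer so the compiler cannot drop the
   stores as dead writes (on Windows, SecureZeroMemory serves this purpose). */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

void session_logout(session_t *s) { wipe(s, sizeof *s); } /* also clears active */

/* Store what the user typed at startup. Returns 0, or -1 if a value is empty or too long. */
int session_login(session_t *s, const char *user, const char *pw, time_t now) {
    size_t ulen = strlen(user), plen = strlen(pw);
    session_logout(s);
    if (ulen == 0 || plen == 0 || ulen >= CRED_MAX || plen >= CRED_MAX) return -1;
    memcpy(s->user, user, ulen + 1);
    memcpy(s->password, pw, plen + 1);
    s->last_activity = now;
    s->active = 1;
    return 0;
}

/* Password for opening a DB connection, or NULL when the user must log in
   again. An idle session is wiped before NULL is returned. */
const char *session_password(session_t *s, time_t now) {
    if (!s->active) return NULL;
    if (now < s->last_activity || now - s->last_activity > IDLE_LIMIT_SECONDS) { session_logout(s); return NULL; }
    s->last_activity = now;
    return s->password;
}

int main(void) {
    session_t s; /* constructed values stand in for what the user types */
    if (session_login(&s, "appuser", "constructed-pw", time(NULL)) != 0) return 1;
    return session_password(&s, time(NULL)) ? 0 : 1;
}
```

The database server still performs the actual username/password validation; this only controls how long the client keeps what the user typed.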

Eugen Rieck

Reputation: 65334

The moment an attacker is able to attach a debugger to your running program is the moment the game is over. Being able to debug your program means that your user account or the underlying OS is compromised, which means every security measure on your app's behalf is futile. The attacker will (with knowledge, persistence and motivation) know everything you enter into your computer, or have entered and stored before.

Upvotes: 2
