[mythtv] mythtv/master commit: 61ba720ef by David Blain (dblain)
Doug Haber
doug at fawnanddoug.com
Sat Mar 26 13:58:14 UTC 2011
Hi All,
In a recent commit David Blaine wrote:
> * All authentication details stored in settings table... not very secure
> (Looking for suggestions to make this better).
One common practice for securing passwords in a database is to use a
one way hash like sha-256. When the password is created the
application hashes the plain text and stores this in the DB. When it
comes time to check to see if a password is valid, the application
never needs to know the actual password, it just hashes the user's
input and compares the hashed value to the value in the database.
I think QT has a library (QTCrypto) for hashing (including SHA and
several others).
-Doug
More information about the mythtv-dev
mailing list