4

How can I store credentials for other MySQL servers in a MySQL database securely?

I'm working on a project which requires that I connect to other's MySQL servers, but I don't know how to securely store the username and password. I would need to get them in plaintext somehow since I will need to connect using them later, but that wouldn't be safe since an attacker could easily get all the credentials.

Any ideas are greatly appreciated :)

Moome Game
  • 41
  • 2
  • Possible duplicate of [How should I ethically approach user password storage for later plaintext retrieval?](http://stackoverflow.com/questions/2283937/how-should-i-ethically-approach-user-password-storage-for-later-plaintext-retrie) – Jocelyn Jul 12 '16 at 08:35
  • 1
    This is a common problem. The question is, what level of security you need to achieve and what your budget is for the above. If you want a high level of security, then you are not really going to find a free solution. – Shadow Jul 12 '16 at 08:39
  • @Shadow Thanks! I think I will make it generate the password, and the end user will create a new MySQL user set the password to what it requests with as few permissions as possible. – Moome Game Jul 12 '16 at 08:41
  • Your attacker comments are a bit nebulous. Look into TLS/SSL and PKI – Drew Jul 12 '16 at 12:31

1 Answers1

0

Check my answer for a similar question: What's a secure alternative to using a MySQL password on the command line?

Basically MySQL 5.6 introduces a new method to solve this problem.

Community
  • 1
  • 1
Tuncay Göncüoğlu
  • 1,514
  • 13
  • 18