[First of all I want to apologize to those of you who are subscribed to my “Adventures in OOP” feed as this is not an OOP discussion, but I feel that this point is way too important that everyone must hear it... I was tempted to click every feed that I have because I think this is just THAT important].
I've working on something in my free time for someone else. It's a PocketPC app that uses a web service to retrieve some data. The web site behind the web service is a subscription-based service, so the user has to put in their UserName/Password on the PocketPC before they can retrieve data. We save this data purely for the user's convenience.
I did something that I find hard to do nowadays. I saved the user's password in a file as clear text. I'll be changing this later, but right now I needed to do it that way (temporarily). The app itself is not what you would think of as having really confidential data.
The only real confidential data is the password. Now this might not seem like a big deal, but it is. We need to start treating passwords like they are credit cards... I mean it! Let me explain why.
When I think of people who are not technologically savy, my parents come to mind immediately. I use a variation of about 4 or 5 different passwords (and they do vary). My parents, however, only have 2 passwords (and yes I know what they are). So if someone were to be able to gander at one of their passwords then you would own 1/2 of the places they visit; if you were lucky enough to score the one that is also their email password then you would effectively own their electronic lives.
The point here is that whenever you are storing passwords or transmitting passwords, please use a secure mechanism no matter how non-confidential your data is. Because, while your data might not be confidential, the password definitely is! Non-techy users aren't that sophisticated (they'll use the same password over and over again).
Always use encryption when you're dealing with passwords... I would also say that you should use a fairly hard form of encryption as well; don't use ROT13, an EOR-based encryption, or some other lightweight method... use something with a little bit of teeth. Also, use a standard encryption algorithm (don't use some half-baked encryption... use one built-in to .Net or if you're using Java one that is built into Java -- does Java have built-in encryption??) You want something that if it fails you can say to the judge that you did your best to protect your data and “now, please don't make me sell my house...”
Consider yourselves warned...
| posted on Wednesday, September 22, 2004 5:17 PM