[Comment] Re: Do the "benefits" of encrypting user passwords within your database outweigh the grief?

0
If you have good network security (firewall, physical server lockdown) and ensure all password exchange is done over SSL, then the benefits of encrypting user passwords within your database probably does <b>NOT</b> outweigh the grief in your case.
<p>
If you're truly concerned about plain text emails, then offer users the ability to store a public key on your system – then you can encrypt sensitive emails. If users aren't as worried about it, they don't have to provide such a key.
<p>
Even with SHA encryption, if crackers get ahold of your database, you're in for a world of hurt.

Leave a Reply

Your email address will not be published. Required fields are marked *

CommentLuv badge