Jump to content
  • Advertisement
Sign in to follow this  
Cgr

Database and Account Passwords

This topic is 3905 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I'm adding a SQL database to my game, and was wondering, should I store passwords in the database itself? I read something about it being... unsafe. If yes I should, then what data type should the password column be? If no... then where should I store the passwords at?

Share this post


Link to post
Share on other sites
Advertisement
Ah yes, a link to encryption wiki, but sadly... it does not answer my question.

Share this post


Link to post
Share on other sites
One common way of handling this is concatenating the password with a salt value, and then storing a hash of the password + salt. When checking if a password is valid, repeat the concatenation and hash and compare the hashed values.

Share this post


Link to post
Share on other sites
Quote:
Original post by Cgr
I'm adding a SQL database to my game, and was wondering, should I store passwords in the database itself? I read something about it being... unsafe. If yes I should, then what data type should the password column be?

If no... then where should I store the passwords at?


It depends on what you mean when you say you are adding sql to your game. If you are adding sql to a server, then it doesn't matter if it is secure or not because you can restrict access to the sql server. That way only your server app has access to the data base. Yes, I would store passwords in a database. I would also do the hash trick already mentioned.

If it is a desktop app then plan on anyone who has access to the game having access to the sql server. Don't store anything of any value in it. For the data type I would use a char array of the appropriate length, which depends on the hash function you use.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!