Hiya fellas-
So I'm doing this project (half for school, half for work) where a utility company can go online, enter in info in a database, and it calculates bills for all their clients. Since this will eventually go to a real utility company I contract to occasionally, there are privacy issues at stake and I need to make things secure. My plan is to have them purchase an SSL certificate (perhaps chained?) to stop any packet sniffing, and to password protect the directory (the site is in a shared hosting environment on a Linux machine) to stop unauthorized access. How secure is this password protection? Are the username and password encrypted before transport over the internet? (check it out at http://www.phelpscomputing.com/423/)
Would I be better off just having a login page and using some of the encryption features of MySQL?
I have a presentation on the project today, and just want to make sure I can handle security questions appropriately.
Thanks in advance,
-SN

Hi SN,
I prefer to have a login page in which usernames and passwords are stored in the database because it's easy to maintain users and everyone can have their own login ID (useful for tracking). As far as security goes, the server should of course be behind a firewall, SSL should be used... and if you want to go this far, MySQL has an encryption function you can use for the passwords.
-gpp

gpp-
Thanks for the response. This particular system will only have one authorized user, so I don't have a need to maintain a database of users (for now... Maybe if they end up making the database available to their clients so they can see their bills we'll do something then). But I do want to make sure that when they put in their username and password, nobody can snake it in transit. Does just the regular folder password protection do this for me, or will I need to have a secured login page? One of the other guys in my class had a login page that was not secured (or at least, not using SSL), but he said that MySQL did all the encryption and that it was totally secure. But it seems like somebody could still packet-sniff the username and password while it's going to the server... I guess I don't really understand where the encryption is done.
Thanks again,
SN

Yeah, setting up a .htaccess file (or whatever the server is...?) should work. Just remember that the username and password are still being transmitted as readable text. Also keep in mind that when building a system it should be scalable. You may not want other users accessing the system now, but down the road the requirements may change. It's easier to code your system to accept users of different levels now than to change all that code in the future.
As for data encryption, the only thing I've ever used it for was to encrypt credit card info. This way if a user hacks into your database, they can't actually use the data. You'll still have to use SSL to encrypt the data between the browser and the server.

Okay, that answered my question... So the htaccess solution won't do it for me, because somebody could packet-sniff and get the username and password, and the MySQL just encrypts it in the database, not in transit. That makes tons more sense.
So if I used a login page, secured with SSL, and encrypted the username/password info, I'm pretty much as secure as I can be... Encrypted in transit, and encrypted on the server.
Thanks!
-SN

You could use the .htaccess file, you would just need to use SSL to make it secure. Basically, in any situation, you need to use SSL or else any data transmitted could be viewed. The .htaccess is just a simplified method of building your own auth page. The only difference is that all files in the directory will be protected instead of just a select few, and you can't do things such as tracking.
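
An added example, not part of the original thread: a small Python audit over constructed request records, showing that both .htaccess Basic authentication and a plain login form expose the username and password to anyone on the network path unless the request travels over SSL. The credentials, the `/login.php` path and the record layout are assumptions made up for the illustration; Basic authentication only Base64-encodes `user:password`, which is why it decodes without any key.

```python
import base64
from urllib.parse import parse_qs

# Constructed sample requests as they would appear on the wire.
# Credentials and /login.php are invented for this illustration.
_BASIC = base64.b64encode(b"billing:s3cret-demo").decode()
SAMPLE_REQUESTS = [
    {"scheme": "http", "method": "GET", "path": "/423/",
     "headers": {"Authorization": "Basic " + _BASIC}, "body": ""},
    {"scheme": "http", "method": "POST", "path": "/login.php",
     "headers": {"Content-Type": "application/x-www-form-urlencoded"},
     "body": "username=billing&password=s3cret-demo"},
    {"scheme": "https", "method": "GET", "path": "/423/",
     "headers": {"Authorization": "Basic " + _BASIC}, "body": ""},
]

def basic_credentials(headers):
    """Return (user, password) from a Basic Authorization header, else None."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "basic" or not token:
        return None
    try:
        # Base64 is an encoding, not encryption: no secret is needed to reverse it.
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None

def form_credentials(request):
    """Return (user, password) from a URL-encoded login form body, else None."""
    ctype = request["headers"].get("Content-Type", "")
    if request["method"] != "POST" or "x-www-form-urlencoded" not in ctype:
        return None
    fields = parse_qs(request["body"])
    if "password" not in fields:
        return None
    return (fields.get("username", [""])[0], fields["password"][0])

def audit(requests):
    """List every request whose credentials cross the wire without SSL/TLS."""
    findings = []
    for req in requests:
        creds = basic_credentials(req["headers"]) or form_credentials(req)
        if creds and req["scheme"] != "https":
            kind = "basic-auth" if "Authorization" in req["headers"] else "login-form"
            findings.append((req["path"], kind, creds[0], creds[1]))
    return findings
```

The third sample request carries the same Basic header but is not reported, because over HTTPS the header is inside the encrypted channel. Hashing or encrypting the password in MySQL happens after the request has arrived, so it changes nothing about the first two findings.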

Presentation went great... I didn't get ripped up on the security issue like my last one :-)
As always, thanks for your help gpp.
-SN
