Andrew Ducker (andrewducker) wrote,
Andrew Ducker
andrewducker

Any advice on storing passwords securely?

I'm currently adding Wordpress support to my link poster. And I've hit a hitch with passwords.

LJ's security means you pass the username and MD5(LJChallenge+MD5(Password)) - where LJChallenge is retrieved for each call you make. This means that I can store the MD5 of the user's password rather than storing it in plain text. While I am completely trustworthy, it's nice that I can browse the datastore and check things look ok without accidentally seeing people's passwords.

Wordpress, on the other hand, uses the MetaWeblog API for posting. Which takes the user's password in plain text.

Which means I can't hash the password when it's submitted, I have to store it in a way that I can return it back to its true value when required.

Anyone got any suggestions for what to use for this that's reasonably secure?

(I'm working in Java, which seems to have libraries for just about everything, if that helps.)

Edit: I've submitted a suggestion to DW and LJ to support OAuth. Can't see it happening this week though.



Original post on Dreamwidth - there are comment count unavailable comments there.
Subscribe

  • instagram cross-post

    Peering at a Gormley. Original is here on instagram. Original post on Dreamwidth - there are comments there.

  • instagram cross-post

    Family. Original is here on instagram. Original post on Dreamwidth - there are comments there.

  • instagram cross-post

    A nice walk. Bit chilly, but good to stretch our legs along the Water of Leith Original is here on instagram. Original post on Dreamwidth…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

  • 27 comments

  • instagram cross-post

    Peering at a Gormley. Original is here on instagram. Original post on Dreamwidth - there are comments there.

  • instagram cross-post

    Family. Original is here on instagram. Original post on Dreamwidth - there are comments there.

  • instagram cross-post

    A nice walk. Bit chilly, but good to stretch our legs along the Water of Leith Original is here on instagram. Original post on Dreamwidth…