Storing MySQL password as hash

Question

I know this has been asked many times before, but I can't find the answer I am looking for:

I have a C# application that connects to a MySQL database, currently the username, password and database name are stored in plain text in a .cnf file, which is very insecure.

Is it possible to store the database's password as a hash in the config and pass that instead of the a plain string? This would at least be a bit more secure.

Thanks you.

Possible duplicate of [Encrypt password in App.config](http://stackoverflow.com/questions/5522879/encrypt-password-in-app-config) — Muhammad Saqlain, Jan 30 '17 at 14:07
Possible duplicate of [Safely connect to mySQL database in c#](http://stackoverflow.com/questions/9343385/safely-connect-to-mysql-database-in-c-sharp) — invalidusername, Feb 20 '17 at 10:03

score 1 · Accepted Answer · edited May 23 '17 at 11:46

1

security through obscurity will not work. furthermore, storing as a hash won't work as hashes can't be decrypted and are only used for comparison.

Look here for more information: Safely connect to mySQL database in c#

edited May 23 '17 at 11:46

Community

1
1

answered Jan 30 '17 at 14:06

invalidusername

912
9
26

score 0 · Answer 2 · answered Jan 30 '17 at 14:07

0

You could create a new DLL file which just store the credentials. But to change it you will should to compile new version of DLL

answered Jan 30 '17 at 14:07

Alex Netrebsky

251
1
7

Storing MySQL password as hash

2 Answers2