Stack Overflow
Stack Overflow

Questions tagged [sensitive-data]

Please do not use this tag. Almost all data is in some way sensitive. Use the [security], [cryptography] or [credentials] tag instead.

91 questions
24
votes
5 answers

How do you handle sensitive data in a public git repo?

How do you handle sensitive data like secret API keys, hash salts when you keep your code in a public git repo? Obviously keeping the sensitive data in the code will compromise it. Another solution is to not hardcode the secret info in the code, but…
orlp
  • 112,504
  • 36
  • 218
  • 315
19
votes
2 answers

Android private content provider?

I am developing an application that involves some sensitive user information. I retrieve this information via a private web API. I am trying to determine the best way to get this data into my app. Right now I'm exploring creating a content provider…
Allyn
  • 20,271
  • 16
  • 57
  • 68
13
votes
4 answers

Securely storing and searching by social security number

So I'm working on a supplemental web-based system required by an HR department to store and search records of former personnel. I fought the requirement, but in the end it was handed down that the system has to both enable searching by full SSN,…
David Hay
  • 3,027
  • 2
  • 27
  • 29
11
votes
1 answer

Get bank name from routing number

Googling for an array of common routing numbers and their US-based bank names pulls up a whole list of spammy sites. Can anyone point me to where I could find such an array or better yet a javascript/jquery plugin that handles the routing number…
tim peterson
  • 23,653
  • 59
  • 177
  • 299
10
votes
3 answers

ASP.NET WebAPI Conditional Serialization based on User Role

I have an ORM (NHibernate) that maps to POCOs which will be returned in ApiControllers. I realize that JSON.NET allows me to put conditional serialization methods (ShouldSerialize*) on my models; however, these models and their methods have no…
Zach
  • 3,157
  • 1
  • 19
  • 32
7
votes
3 answers

How to prevent tracking sensitive data in URLs?

Some URLs in my single-page-app (SPA) contain sensitive information like an access token, user information, etc. Examples: /callback#access_token=HBVYTU2Rugv3gUbvgIUY /?email=username@example.com I see that hotjar allows suppressing DOM elements…
Taras Hupalo
  • 1,337
  • 2
  • 16
  • 29
6
votes
2 answers

Storing each customer's Stripe configuration in SaaS application

The website builder SaaS application has a feature that lets customers connect their Stripe accounts to their website and receive money. Each user (website owner) of this SaaS application has a Stripe account. During the development phase of the…
Tural Ali
  • 22,202
  • 18
  • 80
  • 129
6
votes
7 answers

How to separate a person's identity from his personal data?

I'm writing an app which main purpose is to keep list of users purchases. I would like to ensure that even I as a developer (or anyone with full access to the database) could not figure out how much money a particular person has spent or what he has…
Rene Saarsoo
  • 13,580
  • 8
  • 57
  • 85
6
votes
1 answer

How do I filter sensitive Django POST parameters out of Sentry error reports?

To quote the Django docs: @sensitive_post_parameters('pass_word', 'credit_card_number') def record_user_profile(request): UserProfile.create(user=request.user, password=request.POST['pass_word'], …
Steven D.
  • 311
  • 4
  • 10
5
votes
2 answers

Backup database and remove sensitive data

I'm looking at backup routine which allows our production database to be backed up with sensitive data stripped out of certain columns within the database to be exported to our testing server. The routine should require the least human intervention…
Mike737
  • 836
  • 5
  • 16
5
votes
3 answers

Storing sensitive data with Drupal

I need to use sensitive data with Drupal for a custom module to use. If I simply set them through the GUI, they will be stored unencrypted in the database. Anyone having access to it will have access to my sensitive data. I can see two solutions for…
Korchkidu
  • 4,908
  • 8
  • 49
  • 69
5
votes
1 answer

Preventing Sensitive Information From Appearing In The Task Switcher - Apple Code Not Working - iOS 8 glitch?

This document: Preventing Sensitive Information From Appearing In The Task Switcher describes a way to present a view controller in applicationDidEnterBackground so as to hide critical information in the task switcher: -…
SAHM
  • 4,078
  • 7
  • 41
  • 77
5
votes
1 answer

How to make sure API tokens & passwords stay off github

I am considering publishing a project on github. It may contain sensitive data like API tokens, which I naturally do not want to be public. I would like to use the code locally with correct tokens, passwords etc, but only placeholders should go to…
myhd
  • 332
  • 4
  • 22
4
votes
4 answers

Logical deletion with event sourcing (potentially with sensitive data / GDPR)

I understand that event sources are supposed to be immutable and append only. However, I'm wondering how I handle a logical delete. If the user clicks 'delete' on the UI and they are expecting a hard delete, do I include a IsDeleted flag on my…
user3603308
  • 355
  • 4
  • 17
4
votes
3 answers

Hide password in all previous commits on Github repo

I have uploaded my project on GitHub public repo. But one of the files contains my password information. And there are several commits I have made already. How can I hide my password right from the initial commit? There is no separate file for a…
Akshay Chandrachood
  • 63
  • 1
  • 7
1
2 3 4 5 6 7