问题
I'm not referring to passwords that don't have to be used (such as passwords for other users to my site - in which case I really don't have to store them. See https://stackoverflow.com/a/1054069/939213 .) so simply storing hashes is not an option.
I'm referring to storing passwords to an SQL database and a private key that the software on the shared server has to use.
I assume there's no really secure way to do it. I just want to know what's the best in this situation.
I'm trying to keep them secure from hackers (on the same web host or not). Not from others who have permission to see the files.
It's ASP.Net codebehind that will be using them.
回答1:
Windows offers the Data Protection API (DPAPI) specifically for this purpose. Look into the ProtectedData class for consuming it from .NET.
The advantage of DPAPI is that your sensitive data is encrypted based on the Windows user’s logon credential, meaning that it is secure unless your Windows account is compromised.
回答2:
The best way to store the password is to not store it. Use integrated (Windows) authentication to connect to SQL Server. This involves running your IIS app pool as a specific (Windows) user, and granting that user access to log into the database and run the needed queries.
See also SQL Server Integrated Authentication Mode
Aside from being more secure, it performs better. Using per-user connection strings defeats connection pooling.
EDIT:
If you absolutely must store the password, then using Encrypted Connection Strings in ASP.NET is the way to go. This takes care of using DPAPI to store the connection string and machine key correctly, reducing the chance that you screw it up and think you've secured it when you haven't.
Also: Encrypting Connection String in web.config
来源:https://stackoverflow.com/questions/11232703/whats-the-best-way-to-store-a-password-or-private-key-on-a-web-host