Lange Marcus wrote:
>> Not that it matters in your case. The password might as well
>> be "password" - if they get access to the files/application,
>> it's game over.
>
> What about having some of the columns encrypted in the database ?
> Will that improve things abit ?
Not unless you can keep the key protected. If you prevent access to a
file containing the key then you can do the same to the database and
application files.
Can you tell us what you're trying to do? What are you going to deploy,
and what threats do you want to protect against?
--
Richard Huxton
Archonet Ltd