I recently started working on a personal project where I was connecting to a database using Java. This got me thinking. I have to provide the login information for a database account on the DB server in order to access the database. But if I hard code it in then it would be possible for someone to decompile the program and extract that login info. If I store it in an external setup file then the same problem exists only it would be even easier for them to get it. I could encrypt the data before storing it in either place but it seems like that's not really a fail safe either and I'm no encryption expert by any means. So what are some best practices for storing sensitive setup data for a program?
Sensitive Data Storage – Best Practices
datastorage
Related Solutions
SQLite or other embedded databases are common for client applications. XML/Registry for settings (in Windows). Server applications use full database engines just like web applications but MySQL is less common.
This is a generalization - there are many storage possibilities.
Encryption is only as good as the means to decrypt it. While it keeps out most people, anyone with reasonable knowledge of encryption could reverse engineer the username and password. So logically, the solution is to make it difficult to reverse engineer. The best mentality to adopt when trying to achieve this is assuming that someone wanting to crack your program knows everything that you know, how do you make it difficult to decrypt even then?
One solution that I've found is by drawing from some information that's unique to that computer like, say, the hard disk serial number. Using that as a key, you can encrypt and decrypt the username and password and so long as your source code is protected and your program is obfuscated, nobody would be the wiser. It only has the minor downside that it can't decrypt these values if the folder is copied to another computer (hence a different hard disk serial number).
Another approach is to make a formal https request to a server which provides a key that is used to encrypt and decrypt, making it impossible to decrypt by using the key, since the key is not saved locally. It has the drawback that it requires the computer to be online, but since it has to access twitter anyway, I'd say that drawback doesn't apply to you. It also doubles as a way for you to authenticate usage of your program by proving that the license used for that program isn't used under a different IP. This is becoming an increasingly popular approach since the number of computers that work offline are always fewer and fewer.
Best Answer
Several options here:
Run the Java program under a domain user which is granted access to the database (or, alternatively, store the password information in a file which is only accessible by the user that is running your program).
use a key store, with restrictions to both the user and software which will be using the key (such as what Mac OS X provides)
use a standard encryption solution, with an interface which will require input of the encryption password on program startup (so the admin starting up the program knows the password, only)
require that the uid/password for the database be entered on program startup