How safe is a WebApp Code?


normaly i programm only Desktop Apps, but i try atm to realise a small Project in as a WebApp.

i etablish a mysql Connection in this webapp, and im asking me how safe is it to write:

myDatabase.Password = "myclearpassword"

or safing the password in a constant… to code it in base64 is not very secure too…

how do you protect your db password? is it needed to protect it?

would be nice to get some feedback…

thanks & greetings from Austria

No matter how you store it, a hacker that has access to your server will always be able to get it one way or another. If you have it in you app as clear text or as a constant don’t really matter. It can be reverse engineered. What’s more important is how secure your server is :wink:

Someone connecting to your app do not have access to the binary executable that is your app so they can not get/see the password.

Use obfuscation on your important strings. Arbed has obfuscation built in to it (on sale now as part of the XJ Bundle). We also have a free utility