3
In the Influxdb documentation, I found the following note:
Note: Influxdb redacts passwords when you enable Authentication.
Source: https://docs.influxdata.com/influxdb/v0.13/administration/authentication_and_authorization
3
In the Influxdb documentation, I found the following note:
Note: Influxdb redacts passwords when you enable Authentication.
Source: https://docs.influxdata.com/influxdb/v0.13/administration/authentication_and_authorization
1
I recommend using that link for the user to be automatically taken to the question session.
As far as I know, redacts means "censorship" or "hide" in the present indicative, this would be necessary if for example the database were shown publicly, or to assure users of the fact that the person with access to the database can not know his password, which could be used for malicious purposes in a scenario where the user uses the same password for multiple services.
It would be even more recommended that the database use a password "hashing" system, in which the password that is sent by the person goes through a process in which it is turned into another string of characters, if the string that is formed is the same on the site, the user is guaranteed access to the service, with this mechanism a website administrator does not know his password, but he needs to have the ethical sense to implement the same.
A hashing process can only work one way, with a series of fixed processes, otherwise this is an encryption process, an encryption needs to be implemented with at least two elements - usually the content to be passed and a "key".
The user Cantoni pointed out something important: the hashing process must be irreversible in conventional ways, otherwise there would also be the possibility that a person with access to the database would recover the information of users even if it had never been hosted on the server.
Base64 is not hashing. It is just a way to encode a String. It is a completely reversible process (and should be). Password hashing algorithms must necessarily be one-way. In this context, there are several types, such as MD5, SHA256, etc.
Browser other questions tagged database security-guard
You are not signed in. Login or sign up in order to post.
I think this is saying that this Influxdb guy creates a password when you activate authentication, but it’s just a guess.
– Jéf Bueno
Redact, in this context, means censorship, alteration or removal.
– OnoSendai