Forum > General
How Do I Add A Password to a SQLite Database File?
mig-31:
Firebird can work as file-based database.
https://wiki.freepascal.org/Firebird_embedded
Zvoni:
--- Quote from: mig-31 on December 06, 2022, 01:12:06 pm ---Firebird can work as file-based database.
https://wiki.freepascal.org/Firebird_embedded
--- End quote ---
.... and ignores any Authentication provided by the user --> https://stackoverflow.com/questions/63605057/how-can-i-create-a-user-in-embedded-firebird-3-0
fabiopesaju:
you can use wxsqlite3 or sqlcipher... both are sqlite with encryption... maybe you will have to use "pragma" config to setup de cryptography
balazsszekely:
@PierceNg
--- Quote ---With SQLite transparent encryption, there is no need to decrypt the entire database file.
How it works: As data is read into the application, it is decrypted. Whatever data not read by the application remains encrypted on disk. As data is written, it is transparently encrypted.
--- End quote ---
Encrypting/decrypting everything will considerably slow down the application, especially on a large database, besides won't protect the user against memory dump.
@mig-31, @Zvoni
Firebird assumes that the computer on which the server is running is safe. If you physically have access to the database, you can always connect with sysdba/masterkey, no matter if the database is embedded or not. More recent version of firebird(3+) also supports encrypting, but then we bump into performance issues again.
The real question is why OP thinks that the user will misuse the data? Real sensitive information like username/password should be indeed encrypted, but other then this I don't see why an average user should temper with the database.
Zvoni:
--- Quote from: GetMem on December 06, 2022, 02:19:42 pm ---The real question is why OP thinks that the user will misuse the data? Real sensitive information like username/password should be indeed encrypted, but other then this I don't see why an average user should temper with the database.
--- End quote ---
Correct.
It's SQLite, it's filebased, meaning it's not Multi-user.
Why would i need a Username/Password?
If i use a program which has a SQLite in its "basement" then the Data there belongs to me, and any developer thinking "No, this doesn't concern you. Stay out of it" gets hell from me, and his app deleted.
Bottom Line: A (filebased) Database with only a single-user has no authentication (whatever for?), and (at maximum) maybe encryption (with all downsides GetMem mentioned)
Navigation
[0] Message Index
[#] Next page
[*] Previous page