Recent

Author Topic: How Do I Add A Password to a SQLite Database File?  (Read 1305 times)

Zvoni

  • Hero Member
  • *****
  • Posts: 1604
Re: How Do I Add A Password to a SQLite Database File?
« Reply #15 on: December 07, 2022, 02:45:02 pm »
The reason to not use encryption is when it is unnecessary.
And in 99.99999% of cases it's not necessary, since it's your own data on your own device
One System to rule them all, One Code to find them,
One IDE to bring them all, and to the Framework bind them,
in the Land of Redmond, where the Windows lie
---------------------------------------------------------------------
Code is like a joke: If you have to explain it, it's bad

ttomas

  • Full Member
  • ***
  • Posts: 236
Re: How Do I Add A Password to a SQLite Database File?
« Reply #16 on: December 07, 2022, 03:02:32 pm »
PasCoder need to store passwords in database.
Where you keep all your passwords? In Password Managers?
https://password-managers.bestreviews.net/faq/which-password-managers-have-been-hacked/

About "encryption causes slow down", no if properly done with fast NI encryption algorithm.

Zvoni

  • Hero Member
  • *****
  • Posts: 1604
Re: How Do I Add A Password to a SQLite Database File?
« Reply #17 on: December 07, 2022, 03:25:16 pm »
Where you keep all your passwords? In Password Managers?
In my brain..... Best encryption, no possible way for someone else to hack

Quote
PasCoder need to store passwords in database.
and as already mentioned: Passwords should not be stored in a database (encrypted or not), but its hash!!
« Last Edit: December 07, 2022, 03:26:59 pm by Zvoni »
One System to rule them all, One Code to find them,
One IDE to bring them all, and to the Framework bind them,
in the Land of Redmond, where the Windows lie
---------------------------------------------------------------------
Code is like a joke: If you have to explain it, it's bad

PierceNg

  • Sr. Member
  • ****
  • Posts: 292
    • SamadhiWeb
Re: How Do I Add A Password to a SQLite Database File?
« Reply #18 on: December 07, 2022, 03:30:24 pm »
PasCoder need to store passwords in database.
Where you keep all your passwords? In Password Managers?
https://password-managers.bestreviews.net/faq/which-password-managers-have-been-hacked/

I use Password Gorilla which is written in Tcl/Tk and portable to Linux, macOS and Windows as a Tclkit.

ttomas

  • Full Member
  • ***
  • Posts: 236
Re: How Do I Add A Password to a SQLite Database File?
« Reply #19 on: December 07, 2022, 03:42:58 pm »
Where you keep all your passwords? In Password Managers?
In my brain..... Best encryption, no possible way for someone else to hack
Good for you, my brain have limit :-)
Just see in my app, I have 53 Win/Linux very strong passwords and 22 VPN config/certificates only for business (production) + 15+ personals passwords.
« Last Edit: December 07, 2022, 03:48:28 pm by ttomas »

PasCoder

  • New Member
  • *
  • Posts: 34
Re: How Do I Add A Password to a SQLite Database File?
« Reply #20 on: December 09, 2022, 04:32:30 pm »
Guys, thank you for the discussion. I'm really learning a lot from your pieces of advice. Remember, I'm new on this arena of programming in FP and Lazarus. I've my background in VB.net and C# from Microsoft.net Frameworks. There are many file-based databases that support passwords like VistaDB and many others. I thought that its the same this side!

Now, look at my scenario, I'm making a small App for a Savings and Credit Cooperative Society where members' sensitive transactions will be saved in a SQLite database including their savings, withdraws and other crucial information. Isn't it prudent to have such a databse be protected with a password such that a person using the computer at anytime uses another program to open it and may be change the figures?


PierceNg

  • Sr. Member
  • ****
  • Posts: 292
    • SamadhiWeb
Re: How Do I Add A Password to a SQLite Database File?
« Reply #21 on: December 10, 2022, 07:46:32 am »
Guys, thank you for the discussion. I'm really learning a lot from your pieces of advice. Remember, I'm new on this arena of programming in FP and Lazarus. I've my background in VB.net and C# from Microsoft.net Frameworks. There are many file-based databases that support passwords like VistaDB and many others. I thought that its the same this side!

SQLcipher is the most popular open source transparent SQLite encryption add-on.

Now, look at my scenario, I'm making a small App for a Savings and Credit Cooperative Society where members' sensitive transactions will be saved in a SQLite database including their savings, withdraws and other crucial information. Isn't it prudent to have such a databse be protected with a password such that a person using the computer at anytime uses another program to open it and may be change the figures?

One trick other desktop applications storing data in SQLite is known to have used, is to modify the SQLite data file header. Section 1.3 describes the header format. Some applications change the header string from the default  'SQLite format 3\000' to something else. (SQLcipher does this to an encrypted database.) Then the standard sqlite3 CLI tool is unable to read the file.

As for user authentication like what is talked about for FB embedded in this thread, an extension exists for SQLite.

Ultimately, as many others have pointed out here and elsewhere, when the SQLite database file is physically located on the user's computer, a dedicated user (or an attacker who has access to your application and the database file) will be able to reverse engineer whatever 'protections' you implement in your application. These protections are roadblocks, not impenetrable barriers.

 

TinyPortal © 2005-2018