StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
13057863
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2012-10-24T21:15:01.783
FavoriteCount
0
LastActivityDate
2012-10-24T21:15:01.783
LastEditDate
LastEditorUserId
0
OwnerUserId
321935
ParentId
13056727
PostTypeId
2
Score
0
ViewCount
0
LastEditorDisplayName
text
Body
If the data is extremely sensitive, you could go the online backup way (like Mozy, Carbonite, etc) where if you lose your password or private key, you lose your data. If it's not that sensitive, you just use a master password for all account data, and allow them to reset their password. On the server you only store a random salt and the salted+hashed password, during communication you only send the salt. The client hashes that and you only have to compare the hashed values, so the raw password is never transmitted. Either way, if they hack your server, they can probably get to the master password too, unless you have to insert it to start the app every time. If it's physically separate from the database server, at least with encryption a breach of just that or a hard drive loss won't expose you. If you're worried about traffic sniffing and hash reuse, which is a possibility if someone wants the account badly enough, you have two good solutions: The better is probably using SSL to connect, which completely eliminates any possibility of exposure, but can require a fair amount of money and setup if you build out to multiple servers. Otherwise you can create a poor man's Diffie-Hellman, like so: With the salt, send another a one-time use key; the client hashes their password with the salt first, then hashes the result with the key and sends it. Server-side, you keep the key in memory or database, and as soon as they're authenticated you forget the key. You can never defend against keyloggers and rootkits with encryption, though. That needs other security models, like making the user confirm via text message with a new client or IP logs on.
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POEncrypting data via client or server or both?
 singulars
 PostTypePostTypeId
 PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USSilverbackNet
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. POEncrypting data via client or server or both?
 singulars
 PostTypePostTypeId
 PTQuestion
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. VO
 singulars
 PostPostId
 PO
 UserUserId
 This table or related slice is empty.
 VoteTypeVoteTypeId
 VTAcceptedByOriginator
CommentsPostId
1. COI like it. A lot of information, but after reading it a few times, things started to hurt less :P Thanks a bunch!
 singulars
 PostPostId
 PO
 UserUserId
 USSchautDollar

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.