
plurals
  1. US Shane
    primarykey
    data
    text
    plurals
    1. CO Of course not, and if I knew of anyone who was doing so I would take them down. I don't find that to be a 1 to 1 comparison though--there is a difference between defending against possible security breaches and exploiting them myself. Even though I think we are philosophically getting a little far afield from the question, with your statement here I feel like I should suppose that any website asking for my username and password without an SSL certificate is just as evil as someone who has just hacked my email account because they have allowed for the possibility of sniffing my credentials?
      singulars
    2. CO @Aaronaught - I think that is a fair and valid point, but let me twist that on you. You are working on a project for a company as an employee and your boss says 'this is a requirement of our system' (for whatever reason). Do you walk off the job full of righteous indignation? I know that there is an obligation when I am in full control to be responsible--but if a company chooses to risk failure of audits or liability then is it my duty to sacrifice my job to prove a point, or do I seek the BEST and SAFEST way to do what they say? Just playing devil's advocate.
      singulars
    3. CO @Michael Brooks - I want you to know that I am absolutely in agreement with CWE-257 and would love to just quote that verbatim each and every time I am asked to make passwords recoverable as plaintext. However, in reality, clients and users are rarely interested in NIST regulations and just want me to do it anyway. 90% of the time I can convince them otherwise but in that 10% of time when I can't I am trying to determine the best course of action--in those cases CWE-257 is ashes in my hand (unfortunately).
      singulars
 
