Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris

Re: collecting sensitive data

by CountZero (Bishop)
on Jul 17, 2009 at 10:03 UTC ( #780995=note: print w/replies, xml ) Need Help??

in reply to collecting sensitive data

What is the most secure way of getting this data to the client?
If you are asking for the transport layer: it is HTTPS, do not even think of doing it in any other way (email, various encodings, home-made encryption, ...)

But that is only a (small) part of your whole can of worms: once the data is with the client, the *real* problems begin. If you let them, the data will end up in the clear on a lap-top with the master-pasword on a Post-It tacked to the screen and the laptop on the backseat of an open-topped car in the parking lot of the local mall.


A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://780995]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (3)
As of 2022-01-19 04:38 GMT
Find Nodes?
    Voting Booth?
    In 2022, my preferred method to securely store passwords is:

    Results (55 votes). Check out past polls.