6👍
Yeah. Tell whoever told you to get real. Makes no / little sense. If it is about the stored values – enterprise edition 2008 can store encrypted DB files.
Otherwise, if you really need to (with all disadvantages) just encrypt them and store them as byte fields.
- How to use select_related with GenericForeignKey in django?
- What method attributes are used in Django?
- Create DB Constraint via Django
- Django i18n: how to not translate the admin site?
6👍
I had the same problem, and created the following solution: http://djangosnippets.org/snippets/2489/
I happened to use M2Crypto as the cipher engine, but that can be swapped out if desired.
As TomTom notes, doing this just raises the bar for an attacker rather than making hostile decryption impossible – in addition to accessing your database, they now also need to access wherever you store the passphrase that feeds into the key derivation function. However, by splitting the key from the data it is protecting in this way, you at least now have the option to further secure that key (e.g. with a key management server) to raise the bar yet higher. Defence in depth is a good strategy, but you also need to decide what constitutues overkill for a given application.
It’s also a terrible idea to encrypt any field that might be useful for searching or sorting purposes (I only use this trick to store OAuth credentials for a web service that doesn’t support proper tokenised OAuth connections).
- Why is django's settings object a LazyObject?
- Django alter form data in clean method
- How can i get all models in django 1.8
- Python venv not creating virtual environment
2👍
If you are storing things like passwords, you can do this:
- store users’ passwords as their SHA256 hashes
- get the user’s password
- hash it
- List item
check it against the stored password
You can create a SHA-256 hash in Python by using the hashlib module.
Hope this helps