Go Back   Forums @ The Digital Fix > Gadgets and Gizmos > Computing Forum

Notices

Reply
 
Thread Tools Display Modes
Old 31-03-2010, 13:22   #1
Guest 58450
Poke Us White Face
 
Guest 58450's Avatar
 
Join Date: Aug 2006
Location: London
Posts: 7,186
Thanks: 38
Thanked 12 Times in 10 Posts
PHP: Anyone know of a secure way to store social site credentials?

I'd like to use APIs for sites like Vimeo, YouTube, Tumblr, etc. to allow me to directly update these sites from one place for a website.

In order to use these you'll need to send through your credentials for each site so I'd like to find a way to store them securely in my application.

Unfortunately all the security things I have already for passwords, like salts with md5 and MySQL's own PASSWORD(), etc. function work by returning TRUE if the password passed in matches the encrypted version. However, in this instance I'd want to be able to extract the unencrypted version to send through to an API.

Of course this is inherently insecure. So how do linkings between Twitter and Facebook and the like work now? Does Twitter have a copy of my Facebook credentials on its server where they can easily be decrypted and read should anyone wish to do so?

Or is there a method involving cookies that is involved?
Guest 58450 is offline   Reply With Quote
Old 31-03-2010, 16:57   #2
Guest 3015
Rated 'E' for everyone.
 
Join Date: Feb 2001
Location: Ottawa, Canada.
Posts: 171
Thanks: 0
Thanked 0 Times in 0 Posts
If they are doing it properly, they are using something like OAuth : http://www.jaisenmathai.com/blog/200...api-using-php/

Last edited by Bodger; 31-03-2010 at 16:59.
Guest 3015 is offline   Reply With Quote
Old 01-04-2010, 07:22   #3
Guest 58450
Poke Us White Face
 
Guest 58450's Avatar
 
Join Date: Aug 2006
Location: London
Posts: 7,186
Thanks: 38
Thanked 12 Times in 10 Posts
Thanks, I'll check it over.
Guest 58450 is offline   Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Talkshow hosts and their psychology credentials LordoftheDance Television Discussion 1 26-01-2009 14:39
Domains, Secure Site Certificates and Web sites Guest 358 Computing Forum 4 28-03-2006 12:14
Virgin Wines: Not a secure site? Robby Suppliers and Shopping Forum 4 05-12-2003 18:42
US online store that will ship SD (Secure Digital) flash card to UK? Rabh Suppliers and Shopping Forum 0 31-07-2002 22:42

All times are GMT. The time now is 00:57.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Copyright ©2000 - 2018 Poisonous Monkey Ltd. Part of The Digital Fix Network